Album And Image Gallery With Lightbox – Flagallery Photo Portfolio Security Vulnerabilities
A vulnerability classified as problematic was found in Hipcam Device up to 20240511. This vulnerability affects unknown code of the file /log/wifi.mac of the component MAC Address Handler. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been.....
5.3CVSS
A vulnerability classified as problematic has been found in Victor Zsviot Camera 8.26.31. This affects an unknown part of the component MQTT Packet Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
6.5CVSS
CVE-2024-5096 Hipcam Device MAC Address wifi.mac information disclosure
A vulnerability classified as problematic was found in Hipcam Device up to 20240511. This vulnerability affects unknown code of the file /log/wifi.mac of the component MAC Address Handler. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been.....
CVE-2024-5095 Victor Zsviot Camera MQTT Packet denial of service
A vulnerability classified as problematic has been found in Victor Zsviot Camera 8.26.31. This affects an unknown part of the component MQTT Packet Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels
First, a couple of useful oneliners ;) wget "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -O lse.sh;chmod 700 lse.sh curl "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -Lo lse.sh;chmod 700 lse.sh Note...
Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull...
Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/EnvelopeOpenServlet messageId directory traversal for unauthenticated file read and delete operations (with displayLoginChunkedImages) and write operations (with...
Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/EnvelopeOpenServlet messageId directory traversal for unauthenticated file read and delete operations (with displayLoginChunkedImages) and write operations (with...
Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull...
QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable...
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, calico, actions-runner-controller, capslock, newrelic-infra-operator, trivy, gitlab-pages, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml, prometheus-mongodb-exporter, flannel, goreleaser,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
6.5AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: oras, gke-gcloud-auth-plugin, gitlab-pages, neuvector-scanner, kubeadm-controlplane-controller, docker-credential-ecr-login, goreleaser, gitleaks, vt-cli, wazero, nri-couchbase, dagdotdev, nri-discovery-kubernetes, oauth2-proxy, spqr, metallb, src-fingerprint,...
6.9AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: buildkitd, snyk-cli, local-static-provisioner, oras, capslock, crane, glab, gke-gcloud-auth-plugin, newrelic-infra-operator, tempo, gitlab-pages, trivy, nvidia-device-plugin, neuvector-scanner, pulumi-language-yaml, rootlesskit, docker-credential-ecr-login, flannel,...
7.5AI Score
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: buildkitd, snyk-cli, local-static-provisioner, oras, capslock, crane, glab, gke-gcloud-auth-plugin, newrelic-infra-operator, tempo, gitlab-pages, trivy, nvidia-device-plugin, neuvector-scanner, pulumi-language-yaml, rootlesskit, docker-credential-ecr-login, flannel,...
6.6AI Score
0.0004EPSS
Vulnerabilities for packages: buildkitd, gke-gcloud-auth-plugin, gitlab-pages, gobuster, nvidia-device-plugin, pulumi-language-yaml, prometheus-mongodb-exporter, dex, falcoctl, flux-image-automation-controller, flux, kaf, sigstore-scaffolding, frp, kubernetes-dashboard-metrics-scraper,...
6.5AI Score
0.001EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: buildkitd, libssh, amass, calico, actions-runner-controller, trivy, gitlab-pages, gobuster, nats, prometheus-mongodb-exporter, dex, falcoctl, flux-image-automation-controller, flux, kaf, sigstore-scaffolding, frp, oauth2-proxy, prometheus-nats-exporter, kots, up,...
7AI Score
0.962EPSS
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: buildkitd, skaffold, k9s, aactl, crane, k3s, newrelic-infrastructure-agent, eksctl, kargo, istio-pilot-agent, trivy, zot, ctop, tekton-chains, istio-pilot-discovery, nerdctl, goreleaser, cosign, falcoctl, flux-image-reflector-controller, cri-tools, scorecard, skopeo,.....
7.8AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, calico, actions-runner-controller, capslock, newrelic-infra-operator, trivy, gitlab-pages, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml, prometheus-mongodb-exporter, flannel, goreleaser,...
6.6AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
7.5AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
6.5AI Score
0.0004EPSS
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: oras, gke-gcloud-auth-plugin, gitlab-pages, neuvector-scanner, kubeadm-controlplane-controller, docker-credential-ecr-login, goreleaser, gitleaks, vt-cli, wazero, nri-couchbase, dagdotdev, nri-discovery-kubernetes, oauth2-proxy, spqr, metallb, src-fingerprint,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: buildkitd, snyk-cli, local-static-provisioner, oras, capslock, crane, glab, gke-gcloud-auth-plugin, newrelic-infra-operator, tempo, gitlab-pages, trivy, nvidia-device-plugin, neuvector-scanner, pulumi-language-yaml, rootlesskit, docker-credential-ecr-login, flannel,...
7.5AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: buildkitd, amass, gke-gcloud-auth-plugin, gitlab-pages, gobuster, nats, nvidia-device-plugin, pulumi-language-yaml, prometheus-mongodb-exporter, dex, falcoctl, flux-image-automation-controller, flux, kaf, sigstore-scaffolding, frp,...
8.2AI Score
0.002EPSS
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: skaffold, wolfictl, flux-source-controller, aactl, crossplane, apko, vault, actions-runner-controller, zot, keda, tekton-chains, pulumi-language-yaml, terragrunt, flux-kustomize-controller, goreleaser, cosign, kaniko, melange, spire-server, pulumi-kubernetes-operator,....
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: buildkitd, amass, gke-gcloud-auth-plugin, gitlab-pages, gobuster, nats, nvidia-device-plugin, pulumi-language-yaml, prometheus-mongodb-exporter, dex, falcoctl, flux-image-automation-controller, flux, kaf, sigstore-scaffolding, frp,...
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: buildkitd, gke-gcloud-auth-plugin, gitlab-pages, gobuster, nvidia-device-plugin, pulumi-language-yaml, prometheus-mongodb-exporter, dex, falcoctl, flux-image-automation-controller, flux, kaf, sigstore-scaffolding, frp, kubernetes-dashboard-metrics-scraper,...
7.5AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: buildkitd, libssh, amass, calico, actions-runner-controller, trivy, gitlab-pages, gobuster, nats, prometheus-mongodb-exporter, dex, falcoctl, flux-image-automation-controller, flux, kaf, sigstore-scaffolding, frp, oauth2-proxy, prometheus-nats-exporter, kots, up,...
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
6.5AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
6.5AI Score
0.0004EPSS
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: buildkitd, snyk-cli, local-static-provisioner, oras, capslock, crane, glab, gke-gcloud-auth-plugin, newrelic-infra-operator, tempo, gitlab-pages, trivy, nvidia-device-plugin, neuvector-scanner, pulumi-language-yaml, rootlesskit, docker-credential-ecr-login, flannel,...
6.6AI Score
0.0004EPSS
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: buildkitd, skaffold, k9s, aactl, crane, k3s, newrelic-infrastructure-agent, eksctl, kargo, istio-pilot-agent, trivy, zot, ctop, tekton-chains, istio-pilot-discovery, nerdctl, goreleaser, cosign, falcoctl, flux-image-reflector-controller, cri-tools, scorecard, skopeo,.....
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: buildkitd, kwok, amass, oras, calico, actions-runner-controller, capslock, gke-gcloud-auth-plugin, newrelic-infra-operator, tailscale, gobuster, nats, nvidia-device-plugin, kubeadm-controlplane-controller, kuberay-operator, pulumi-language-yaml,...
6.5AI Score
0.0004EPSS
QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable...
A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical. This issue affects some unknown processing of the file view_payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has....
7.3CVSS
CVE-2024-5094 SourceCodester Best House Rental Management System view_payment.php sql injection
A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as critical. This issue affects some unknown processing of the file view_payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has....
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The...
7.3CVSS
CVE-2024-5093 SourceCodester Best House Rental Management System login.php sql injection
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The...
namedawn.com Cross Site Scripting vulnerability OBB-3928554
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
muncieanna.com Cross Site Scripting vulnerability OBB-3928552
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
audio.ohr.edu Cross Site Scripting vulnerability OBB-3928550
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a denial of service of network ports on the system, caused by the deserialization of untrusted data. IBM X-Force ID: ...
7.5CVSS
barefootonline.com Cross Site Scripting vulnerability OBB-3928548
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
krihm.org Cross Site Scripting vulnerability OBB-3928547
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
GHSA-HQXW-F8MX-CPMW vulnerabilities
Vulnerabilities for packages: bom, flux-image-reflector-controller, flux-helm-controller-0.37, kubernetes-fips, kubernetes-dashboard, aactl, kpt, prometheus,...
7.3AI Score
CVE-2023-28840 vulnerabilities
Vulnerabilities for packages: bom, melange, flux-image-reflector-controller, flux-helm-controller-0.37, ctop, helm, apko, ko,...
8.7AI Score
0.002EPSS