PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS
PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, kyverno, kind, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy, node-problem-detector, traefik, kubewatch, minio, kubevela, kots, conftest, kubescape,...
8.7AI Score
0.72EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, flannel, bank-vaults, etcd, kyverno, tflint, kubernetes-csi-driver-hostpath, nuclei, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, nerdctl, rabbitmq-cluster-operator, zarf,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: buildkitd, skaffold, runc, nerdctl, zarf, datadog-agent, grype, cadvisor, trivy, kaniko, k3d, kots, kubernetes, ctop, kubescape, nvidia-device-plugin, skopeo, zot, newrelic-infrastructure-agent, docker, wolfictl, k9s, k3s, telegraf, syft,...
7.5AI Score
0.051EPSS
GHSA-VVPX-J8F3-3W6H vulnerabilities
Vulnerabilities for packages: go, hey, k3d, dynamic-localpv-provisioner, gke-gcloud-auth-plugin, grpcurl, falco, restic,...
7.5AI Score
CVE-2022-41723 vulnerabilities
Vulnerabilities for packages: go, hey, k3d, dynamic-localpv-provisioner, gke-gcloud-auth-plugin, grpcurl, falco, restic,...
8.2AI Score
0.02EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: helm, flannel, harbor, neuvector-scanner, flyte, aws-efs-csi-driver, kargo, go-md2man, node-problem-detector, kubewatch, cass-operator, harbor-registry, nri-redis, chartmuseum, nri-memcached, spqr, hubble-ui, ferretdb, prometheus-mongodb-exporter, oras, rekor,...
7AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...
7.5AI Score
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...
8.2AI Score
0.001EPSS
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, bank-vaults, kyverno, nfs-subdir-external-provisioner, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, vertical-pod-autoscaler, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy,...
6.5AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, flannel, bank-vaults, etcd, kyverno, tflint, kubernetes-csi-driver-hostpath, nuclei, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, nerdctl, rabbitmq-cluster-operator, zarf,...
6.7AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: helm, flannel, harbor, neuvector-scanner, flyte, aws-efs-csi-driver, kargo, go-md2man, node-problem-detector, kubewatch, cass-operator, harbor-registry, nri-redis, chartmuseum, nri-memcached, spqr, hubble-ui, ferretdb, prometheus-mongodb-exporter, oras, rekor,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...
7.5AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, bank-vaults, kyverno, kind, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, fuse-overlayfs-snapshotter, vertical-pod-autoscaler, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy,.....
8.2AI Score
0.002EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
7.5AI Score
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: helm, buildkitd, pulumi-language-yaml, dgraph, cilium-envoy, prometheus-stackdriver-exporter, up, cosign, flux-source-controller, keda, gitlab-pages, flux-helm-controller, aws-efs-csi-driver, dex, dynamic-localpv-provisioner, pulumi-kubernetes-operator,...
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, kyverno, kind, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy, node-problem-detector, traefik, kubewatch, minio, kubevela, kots, conftest, kubescape,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
7.5AI Score
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2. A patched version of the package is...
8.2AI Score
0.72EPSS
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...
7.4AI Score
0.001EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...
7.5AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, bank-vaults, kyverno, kind, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, fuse-overlayfs-snapshotter, vertical-pod-autoscaler, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy,.....
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, bank-vaults, kyverno, nfs-subdir-external-provisioner, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, vertical-pod-autoscaler, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy,...
7.5AI Score
GHSA-XR7R-F8XQ-VFVV vulnerabilities
Vulnerabilities for packages: buildkitd, skaffold, runc, nerdctl, zarf, datadog-agent, grype, cadvisor, trivy, kaniko, k3d, kots, kubernetes, ctop, kubescape, nvidia-device-plugin, skopeo, zot, newrelic-infrastructure-agent, docker, wolfictl, k9s, k3s, telegraf, syft,...
7.5AI Score
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
Ticketmaster confirms customer data breach
Live Nation Entertainment has confirmed what everyone has been speculating on for the last week: Ticketmaster has suffered a data breach. In a filing with the SEC, Live Nation said on May 20th it identified "unauthorized activity within a third-party cloud database environment containing Company...
7.4AI Score
cv.sipradi.com.np Cross Site Scripting vulnerability OBB-3932446
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
smoothways.net Cross Site Scripting vulnerability OBB-3932443
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
yalebooks.co.uk Cross Site Scripting vulnerability OBB-3932442
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-4148 Redos (Regular Expression Denial of Service) in lunary-ai/lunary
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary application, version 1.2.10. An attacker can exploit this vulnerability by maliciously manipulating regular expressions, which can significantly impact the response time of the application and potentially...
7.1AI Score
forum-startup-chemie.de Cross Site Scripting vulnerability OBB-3932439
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
chemicalparks.com Cross Site Scripting vulnerability OBB-3932438
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dechemax.de Cross Site Scripting vulnerability OBB-3932436
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
informatik.uni-leipzig.de Cross Site Scripting vulnerability OBB-3932433
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
bellewholesale.com Cross Site Scripting vulnerability OBB-3932430
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bljthailand.com Cross Site Scripting vulnerability OBB-3932429
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Reaper - Proof Of Concept On BYOVD Attack
Reaper is a proof-of-concept designed to exploit BYOVD (Bring Your Own Vulnerable Driver) driver vulnerability. This malicious technique involves inserting a legitimate, vulnerable driver into a target system, which allows attackers to exploit the driver to perform malicious actions. Reaper was...
7.5AI Score
cca-manila.edu.ph Cross Site Scripting vulnerability OBB-3932423
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
catalogo.cotelco.org Cross Site Scripting vulnerability OBB-3932422
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score