BD Pyxis™ MedStation™ ES Server Security Vulnerabilities

CVE-2024-5629 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-39321 vulnerabilities

Vulnerabilities for packages:...

GHSA-892H-R6CR-53G4 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-6816 vulnerabilities

Vulnerabilities for packages:...

GHSA-W668-XCXF-V3GG vulnerabilities

Vulnerabilities for packages:...

GHSA-VX3H-CJ8W-2H2C vulnerabilities

Vulnerabilities for packages:...

GHSA-3FPG-J8CW-VCJQ vulnerabilities

Vulnerabilities for packages:...

GHSA-MQQF-4P7R-RF89 vulnerabilities

Vulnerabilities for packages:...

GHSA-Q6W6-RJJJ-5P52 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-29903 vulnerabilities

Vulnerabilities for packages: ko, zot, skaffold, goreleaser, neuvector-sigstore-interface, vexctl, aactl, falcoctl, melange, zarf, slsa-verifier, gitsign, apko, falco, flux-source-controller, spire-server, tekton-chains, tkn, wolfictl, policy-controller,...

CVE-2023-39322 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21000 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21015 vulnerabilities

Vulnerabilities for packages:...

GHSA-2MPF-FQ5J-4HGP vulnerabilities

Vulnerabilities for packages:...

GHSA-5V68-73XH-WCGW vulnerabilities

Vulnerabilities for packages:...

GHSA-7JXX-P3JR-R2X9 vulnerabilities

Vulnerabilities for packages:...

GHSA-R345-8C48-X279 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: vault-k8s, mods, kube-bench, crossplane-provider-aws, smarter-device-manager, node-feature-discovery, prometheus-alertmanager, spicedb, trust-manager, cadvisor, direnv, skaffold, loki, src-fingerprint, external-secrets-operator, aactl, nats-server, falcoctl,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: node-feature-discovery, prometheus-alertmanager, cadvisor, restic, metrics-server, postgres-operator, mc, sigstore-scaffolding, slsa-verifier, gitsign, nsc, govulncheck, kubernetes-dashboard, kubeadm-controlplane-controller, secrets-store-csi-driver-provider-aws,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: fq, vault-k8s, kube-bench, smarter-device-manager, envoy-ratelimit, consul, prometheus-alertmanager, nri-rabbitmq, cadvisor, datadog-agent, direnv, goreleaser, skaffold, loki, tctl, src-fingerprint, nats-server, temporal-server, yam, metrics-server, nri-kafka,...

CVE-2024-21664 vulnerabilities

Vulnerabilities for packages: minio, vexctl, falco, boring-registry, external-secrets-operator, tekton-chains, spire-server, falcoctl, istio-operator, istio-pilot-discovery, mc, kubescape, istio-cni, istio-pilot-agent, kyverno,...

GHSA-VV9M-32RR-3G55 vulnerabilities

Vulnerabilities for packages: kind, metrics-server,...

GHSA-PVCR-V8J8-J5Q3 vulnerabilities

Vulnerabilities for packages: minio, vexctl, falco, boring-registry, external-secrets-operator, tekton-chains, spire-server, falcoctl, istio-operator, istio-pilot-discovery, mc, kubescape, istio-cni, istio-pilot-agent, kyverno,...

GHSA-MR45-RX8Q-WCM9 vulnerabilities

Vulnerabilities for packages: minio, nats-server, telegraf, k3s,...

CVE-2024-27454 vulnerabilities

Vulnerabilities for packages: py3-orjson,...

GHSA-3RQ5-2G8H-59HC vulnerabilities

Vulnerabilities for packages: py3-dnspython,...

GHSA-PWR2-4V36-6QPR vulnerabilities

Vulnerabilities for packages: py3-orjson,...

GHSA-44WM-F244-XHP3 vulnerabilities

Vulnerabilities for packages: pytorch, py3-pillow,...

GHSA-9V7R-X7CV-V437 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21009 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21054 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21087 vulnerabilities

Vulnerabilities for packages:...

GHSA-26MF-52P6-23PQ vulnerabilities

Vulnerabilities for packages:...

GHSA-3VX9-2CH5-M6R6 vulnerabilities

Vulnerabilities for packages:...

GHSA-JFV3-GH3J-C5R7 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-0409 vulnerabilities

Vulnerabilities for packages:...

GHSA-RCJ8-JX65-7C4R vulnerabilities

Vulnerabilities for packages:...

CVE-2024-0229 vulnerabilities

Vulnerabilities for packages:...

GHSA-2X93-8973-5MGQ vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31083 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-38460

In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...

CVE-2024-38460

In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...

CVE-2024-38462

iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106...

CVE-2024-38460

In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today...

Exploit for OS Command Injection in Php

CVE-2024-4577 In PHP when using Apache and PHP-CGI on...

Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan

Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile...

CVE-2024-4258

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...

CVE-2024-4551

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...

CVE-2024-4551

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...