4.7CVSS
7.2AI Score
0.0004EPSS
7.5CVSS
7.7AI Score
0.001EPSS
7.5AI Score
9.8CVSS
7.1AI Score
0.002EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
CVE-2024-29903 vulnerabilities
Vulnerabilities for packages: ko, zot, skaffold, goreleaser, neuvector-sigstore-interface, vexctl, aactl, falcoctl, melange, zarf, slsa-verifier, gitsign, apko, falco, flux-source-controller, spire-server, tekton-chains, tkn, wolfictl, policy-controller,...
4.2CVSS
4.6AI Score
0.0004EPSS
7.5CVSS
7.7AI Score
0.001EPSS
3.8CVSS
4.8AI Score
0.0004EPSS
5.5CVSS
6.3AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: vault-k8s, mods, kube-bench, crossplane-provider-aws, smarter-device-manager, node-feature-discovery, prometheus-alertmanager, spicedb, trust-manager, cadvisor, direnv, skaffold, loki, src-fingerprint, external-secrets-operator, aactl, nats-server, falcoctl,...
6.5AI Score
0.0004EPSS
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: node-feature-discovery, prometheus-alertmanager, cadvisor, restic, metrics-server, postgres-operator, mc, sigstore-scaffolding, slsa-verifier, gitsign, nsc, govulncheck, kubernetes-dashboard, kubeadm-controlplane-controller, secrets-store-csi-driver-provider-aws,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: fq, vault-k8s, kube-bench, smarter-device-manager, envoy-ratelimit, consul, prometheus-alertmanager, nri-rabbitmq, cadvisor, datadog-agent, direnv, goreleaser, skaffold, loki, tctl, src-fingerprint, nats-server, temporal-server, yam, metrics-server, nri-kafka,...
5.9AI Score
0.0004EPSS
CVE-2024-21664 vulnerabilities
Vulnerabilities for packages: minio, vexctl, falco, boring-registry, external-secrets-operator, tekton-chains, spire-server, falcoctl, istio-operator, istio-pilot-discovery, mc, kubescape, istio-cni, istio-pilot-agent, kyverno,...
7.5CVSS
6.1AI Score
0.001EPSS
7.5AI Score
GHSA-PVCR-V8J8-J5Q3 vulnerabilities
Vulnerabilities for packages: minio, vexctl, falco, boring-registry, external-secrets-operator, tekton-chains, spire-server, falcoctl, istio-operator, istio-pilot-discovery, mc, kubescape, istio-cni, istio-pilot-agent, kyverno,...
7.5AI Score
GHSA-MR45-RX8Q-WCM9 vulnerabilities
Vulnerabilities for packages: minio, nats-server, telegraf, k3s,...
7.5AI Score
7.5CVSS
7.7AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
4.9CVSS
6AI Score
0.0004EPSS
4.9CVSS
6AI Score
0.0004EPSS
4.9CVSS
6AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.8CVSS
7.1AI Score
0.0004EPSS
7.5AI Score
7.8CVSS
7.1AI Score
0.0004EPSS
7.5AI Score
7.8CVSS
7.1AI Score
0.0004EPSS
In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...
4.9CVSS
7AI Score
EPSS
In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...
4.9CVSS
EPSS
iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106...
EPSS
In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...
4.9CVSS
EPSS
Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today...
7.8AI Score
Exploit for OS Command Injection in Php
CVE-2024-4577 In PHP when using Apache and PHP-CGI on...
9.8CVSS
8.7AI Score
0.932EPSS
Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan
Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile...
7AI Score
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...
9.8CVSS
9.8AI Score
0.001EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...
6.4CVSS
6.8AI Score
0.0004EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...
6.4CVSS
0.0004EPSS