Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

BIG-IP (AFM, ASM) Security Vulnerabilities

wolfi
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, falcoctl, nats, trillian, osv-scanner, step-ca, kaniko, aws-efs-csi-driver, thanos, kubernetes-csi-external-provisioner, capslock, k8sgpt, datadog-agent, kots, kubeadm-bootstrap-controller, spicedb, temporal-server,...

7.5AI Score

2024-06-26 09:08 AM
180
wolfi
wolfi

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, ip-masq-agent, kubernetes, spark-operator, aws-ebs-csi-driver, cluster-autoscaler, node-feature-discovery, kubernetes-csi-driver-hostpath, local-static-provisioner, nodetaint,...

2.7CVSS

4.3AI Score

0.0004EPSS

2024-06-26 09:08 AM
75
wolfi
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: envoy-ratelimit, gobuster, nats, aws-efs-csi-driver, thanos, kots, kubernetes-csi-livenessprobe, external-dns, grype, ollama, pulumi-language-dotnet, tctl, metacontroller, tomcat, vault-csi-provider, prometheus, up, gitlab-runner, telegraf,...

7.5CVSS

9AI Score

0.732EPSS

2024-06-26 09:08 AM
608
wolfi
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.8AI Score

0.0004EPSS

2024-06-26 09:08 AM
192
wolfi
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, spicedb, temporal-server, velero-plugin-for-aws, ollama, timestamp-authority, pulumi-language-dotnet, hubble, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic,...

6.8AI Score

0.0004EPSS

2024-06-26 09:08 AM
58
wolfi
wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, trillian, osv-scanner, step-ca, logstash, flyte, aws-efs-csi-driver, thanos, go, gosu, capslock, jitsucom-bulker, k8sgpt, kubernetes-csi-external-provisioner, local-static-provisioner, dask-gateway, snyk-cli, helm-push,...

7.5AI Score

2024-06-26 09:08 AM
16
wolfi
wolfi

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, snyk-cli, spicedb, velero-plugin-for-aws, ollama, kube-vip, timestamp-authority, pulumi-language-dotnet, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic, nri-nginx,....

5.5CVSS

6.1AI Score

0.0004EPSS

2024-06-26 09:08 AM
24
wolfi
wolfi

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: gobuster, nats, dgraph, render-template, flannel-cni-plugin, sbom-scorecard, gitlab-logger, slsa-verifier, gosu, prometheus-stackdriver-exporter, sops, cni-plugins, gke-gcloud-auth-plugin, gops, helm-push, cortex, docker-cli, sonobuoy, aactl, wait-for-port,...

7.5CVSS

7.9AI Score

0.001EPSS

2024-06-26 09:08 AM
59
wolfi
wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.8AI Score

0.0004EPSS

2024-06-26 09:08 AM
42
wolfi
wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM
28
wolfi
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, falcoctl, nats, trillian, osv-scanner, step-ca, kaniko, aws-efs-csi-driver, thanos, kubernetes-csi-external-provisioner, capslock, k8sgpt, datadog-agent, kots, kubeadm-bootstrap-controller, spicedb, temporal-server,...

6.7AI Score

0.0004EPSS

2024-06-26 09:08 AM
30
wolfi
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, trillian, osv-scanner, step-ca, logstash, flyte, aws-efs-csi-driver, thanos, go, gosu, capslock, jitsucom-bulker, k8sgpt, kubernetes-csi-external-provisioner, local-static-provisioner, dask-gateway, snyk-cli, helm-push,...

6.5AI Score

0.0004EPSS

2024-06-26 09:08 AM
21
wolfi
wolfi

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, spicedb, temporal-server, velero-plugin-for-aws, ollama, timestamp-authority, pulumi-language-dotnet, hubble, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic,...

7.5AI Score

2024-06-26 09:08 AM
20
wolfi
wolfi

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, trillian, osv-scanner, step-ca, logstash, flyte, aws-efs-csi-driver, thanos, go, gosu, capslock, jitsucom-bulker, k8sgpt, kubernetes-csi-external-provisioner, local-static-provisioner, dask-gateway, snyk-cli, helm-push,...

7.5AI Score

2024-06-26 09:08 AM
21
wolfi
wolfi

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, snyk-cli, spicedb, velero-plugin-for-aws, ollama, kube-vip, timestamp-authority, pulumi-language-dotnet, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic, nri-nginx,....

9.8CVSS

9.8AI Score

0.001EPSS

2024-06-26 09:08 AM
49
wolfi
wolfi

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM
22
wolfi
wolfi

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM
24
wolfi
wolfi

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM
21
wolfi
wolfi

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, ip-masq-agent, spark-operator, aws-ebs-csi-driver, aws-efs-csi-driver, cluster-autoscaler, prometheus-adapter, nodetaint,...

8.8CVSS

8.1AI Score

0.001EPSS

2024-06-26 09:08 AM
34
wolfi
wolfi

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, ip-masq-agent, spark-operator, aws-ebs-csi-driver, aws-efs-csi-driver, cluster-autoscaler, prometheus-adapter, nodetaint,...

7.5AI Score

2024-06-26 09:08 AM
12
wolfi
wolfi

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: gobuster, nats, dgraph, render-template, flannel-cni-plugin, sbom-scorecard, gitlab-logger, slsa-verifier, gosu, prometheus-stackdriver-exporter, sops, cni-plugins, gke-gcloud-auth-plugin, gops, helm-push, cortex, docker-cli, sonobuoy, aactl, wait-for-port,...

5.3CVSS

7.2AI Score

0.001EPSS

2024-06-26 09:08 AM
28
wolfi
wolfi

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: gobuster, nats, dgraph, render-template, flannel-cni-plugin, sbom-scorecard, gitlab-logger, slsa-verifier, gosu, prometheus-stackdriver-exporter, sops, cni-plugins, gke-gcloud-auth-plugin, gops, helm-push, cortex, docker-cli, sonobuoy, aactl, wait-for-port,...

7.5AI Score

2024-06-26 09:08 AM
21
wolfi
wolfi

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: gobuster, nats, dgraph, render-template, flannel-cni-plugin, sbom-scorecard, gitlab-logger, slsa-verifier, gosu, prometheus-stackdriver-exporter, sops, cni-plugins, gke-gcloud-auth-plugin, gops, helm-push, cortex, docker-cli, sonobuoy, aactl, wait-for-port,...

7.5AI Score

2024-06-26 09:08 AM
20
wolfi
wolfi

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: envoy-ratelimit, gobuster, nats, aws-efs-csi-driver, thanos, kots, kubernetes-csi-livenessprobe, external-dns, grype, ollama, pulumi-language-dotnet, tctl, metacontroller, tomcat, vault-csi-provider, prometheus, up, gitlab-runner, telegraf,...

7.5AI Score

2024-06-26 09:08 AM
26
wolfi
wolfi

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.8AI Score

0.0004EPSS

2024-06-26 09:08 AM
19
wolfi
wolfi

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.8AI Score

0.0004EPSS

2024-06-26 09:08 AM
21
wolfi
wolfi

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

7.5AI Score

2024-06-26 09:08 AM
24
wolfi
wolfi

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, snyk-cli, spicedb, velero-plugin-for-aws, ollama, kube-vip, timestamp-authority, pulumi-language-dotnet, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic, nri-nginx,....

7.5AI Score

2024-06-26 09:08 AM
3
wolfi
wolfi

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, trillian, osv-scanner, step-ca, logstash, flyte, aws-efs-csi-driver, thanos, go, gosu, capslock, jitsucom-bulker, k8sgpt, kubernetes-csi-external-provisioner, local-static-provisioner, dask-gateway, snyk-cli, helm-push,...

6.5AI Score

0.0004EPSS

2024-06-26 09:08 AM
18
wolfi
wolfi

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, falcoctl, nri-jmx, xcaddy, kaniko, capslock, nri-consul, snyk-cli, spicedb, velero-plugin-for-aws, ollama, kube-vip, timestamp-authority, pulumi-language-dotnet, runc, vault-csi-provider, trivy, nats-server, telegraf, supercronic, nri-nginx,....

7.5AI Score

2024-06-26 09:08 AM
4
wolfi
wolfi

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: crossplane-provider-azure, envoy-ratelimit, gobuster, nats, trillian, flannel-cni-plugin, bazelisk, aws-efs-csi-driver, thanos, gosu, kubernetes-csi-external-provisioner, capslock, k8sgpt, cni-plugins, dask-gateway, datadog-agent, helm-push,...

6AI Score

0.0004EPSS

2024-06-26 09:08 AM
19
wolfi
wolfi

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, ip-masq-agent, kubernetes, spark-operator, aws-ebs-csi-driver, cluster-autoscaler, node-feature-discovery, kubernetes-csi-driver-hostpath, local-static-provisioner, nodetaint,...

7.5AI Score

2024-06-26 09:08 AM
6
nvd
nvd

CVE-2024-4869

The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS

0.001EPSS

2024-06-26 12:15 AM
3
cve
cve

CVE-2024-4869

The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS

6.2AI Score

0.001EPSS

2024-06-26 12:15 AM
7
redos
redos

ROS-20240626-07

A vulnerability in the Net::CIDR::Lite module of the Perl programming language interpreter is related to bugs in the handling foreign null characters at the beginning of an IP address string. Exploitation of the vulnerability could allow an attacker acting remotely to bypass access...

6.9AI Score

0.0004EPSS

2024-06-26 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2190-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2190-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The...

9.8CVSS

9.3AI Score

EPSS

2024-06-26 12:00 AM
cvelist
cvelist

CVE-2024-4869 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header

The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS

0.001EPSS

2024-06-25 11:35 PM
2
nvd
nvd

CVE-2024-4197

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...

9.9CVSS

0.0004EPSS

2024-06-25 04:15 AM
5
cve
cve

CVE-2024-4197

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...

9.9CVSS

9.7AI Score

0.0004EPSS

2024-06-25 04:15 AM
9
cve
cve

CVE-2024-4196

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to...

10CVSS

9.6AI Score

0.0004EPSS

2024-06-25 04:15 AM
17
nvd
nvd

CVE-2024-4196

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to...

10CVSS

0.0004EPSS

2024-06-25 04:15 AM
3
cvelist
cvelist

CVE-2024-4197 Avaya IP Office One-X Portal File Upload Vulnerability

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...

9.9CVSS

0.0004EPSS

2024-06-25 04:01 AM
5
vulnrichment
vulnrichment

CVE-2024-4197 Avaya IP Office One-X Portal File Upload Vulnerability

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...

9.9CVSS

7.6AI Score

0.0004EPSS

2024-06-25 04:01 AM
cvelist
cvelist

CVE-2024-4196 Avaya IP Office Web Control RCE Vulnerability

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to...

10CVSS

0.0004EPSS

2024-06-25 04:00 AM
7
thn
thn

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts

Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the...

7.2AI Score

2024-06-25 03:32 AM
9
ubuntucve
ubuntucve

CVE-2024-34777

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: fix node id validation While validating node ids in map_benchmark_ioctl(), node_possible() may be provided with invalid argument outside of [0,MAX_NUMNODES-1] range leading to: BUG: KASAN:...

0.0004EPSS

2024-06-25 12:00 AM
ubuntucve
ubuntucve

CVE-2024-39277

In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMA_NO_NODE correctly cpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark() resulting in the following sanitizer report: UBSAN: array-index-out-of-bounds in...

7.8CVSS

0.0004EPSS

2024-06-25 12:00 AM
ubuntucve
ubuntucve

CVE-2024-33621

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-&gt;sk in ipvlan_process_v{4,6}_outbound Raw packet from PF_PACKET socket ontop of an IPv6-backed ipvlan device will hit WARN_ON_ONCE() in sk_mc_loop() through sch_direct_xmit() path. WARNING: CPU: 2 PID: 0 at....

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2185-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2185-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: .....

9.8CVSS

8.2AI Score

0.005EPSS

2024-06-25 12:00 AM
ubuntucve
ubuntucve

CVE-2024-36270

In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...

0.0004EPSS

2024-06-25 12:00 AM
Total number of security vulnerabilities72209