BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), BIG-IQ Centralized Management, BIG-IQ Cloud And Orchestration, IWorkflow, Enterprise Manager Security Vulnerabilities

CVE-2024-5741

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0...

CVE-2024-5741

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0...

indialink-online.com Cross Site Scripting vulnerability OBB-3935871

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

fudogiken.co.jp Cross Site Scripting vulnerability OBB-3935868

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

cc-belley-bas-bugey.com Cross Site Scripting vulnerability OBB-3935858

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

blind.fish Cross Site Scripting vulnerability OBB-3935857

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

my.ict.co Cross Site Scripting vulnerability OBB-3935852

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

morimarket.blog.wox.cc Cross Site Scripting vulnerability OBB-3935845

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

mail.hospitalsanrafaeltunja.gov.co Cross Site Scripting vulnerability OBB-3935844

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for CVE-2024-4367

PDF.js Vulnerability Demo Project This project is intended to...

mainaloski.gr Cross Site Scripting vulnerability OBB-3935836

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5741 XSS in inventory view

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0...

Using LLMs to Exploit Vulnerabilities

Interesting research: "Teams of LLM Agents can Exploit Zero-Day Vulnerabilities." Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the...

en.bfsgroup.gr Cross Site Scripting vulnerability OBB-3935832

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

bazaar.benaki.org Cross Site Scripting vulnerability OBB-3935831

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake

A ShinyHunters hacker tells WIRED that they gained access to Ticketmaster’s Snowflake cloud account—and others—by first breaching a third-party...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: argo-cd, flux-source-controller, kyverno, cert-manager, external-secrets-operator, falco, rekor, aactl, oauth2-proxy, cloudflared, terragrunt, tekton-pipelines, cosign, spire-server, flux-kustomize-controller, traefik, kots, sops, dex, gitsign, slsa-verifier,...

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: skaffold, k3s, up, cert-manager, falco, k3d, aactl, tekton-pipelines, kpt, bom, ctop, loki, prometheus, goreleaser, slsa-verifier, paranoia, tekton-chains, scorecard, kubescape,...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: trivy, k9s, up, kots, flux-helm-controller, zarf, eksctl, cilium-cli, cert-manager, helm-push, helm-operator, kubescape, zot, flux-source-controller, istio-operator, chartmuseum,...

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: apko, skaffold, flux-source-controller, policy-controller, ko, falco, aactl, falcoctl, zarf, neuvector-sigstore-interface, spire-server, goreleaser, gitsign, slsa-verifier, melange, vexctl, zot, tekton-chains, tkn, wolfictl,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: consul, clusterctl, docker, policy-controller, crossplane, frp, cert-manager, flux-image-reflector-controller, external-secrets-operator, nri-discovery-kubernetes, kube-state-metrics, syft, gomplate, kubernetes-event-exporter, aws-load-balancer-controller,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: pombump, consul, nri-mssql, clusterctl, crossplane, render-template, vite, flux-image-reflector-controller, nri-discovery-kubernetes, kube-state-metrics, gomplate, kubernetes-event-exporter, aws-load-balancer-controller, newrelic-infrastructure-agent, thanos-operator,....

CVE-2024-0874 vulnerabilities

Vulnerabilities for packages: consul, kubernetes-dns-node-cache,...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: spark-operator, kubernetes-dns-node-cache, nodetaint, cluster-autoscaler, kubernetes, node-feature-discovery, calico, ip-masq-agent, kubernetes-csi-driver-hostpath, local-static-provisioner,...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: skaffold, k3s, docker, k3d, nvidia-device-plugin, syft, buildkitd, newrelic-infrastructure-agent, kaniko, trivy, zarf, ctop, telegraf, grype, ingress-nginx-controller, kots, nerdctl, skopeo, runc, cadvisor, k9s, kubernetes, zot, wolfictl, kubescape,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: skaffold, flux-source-controller, up, cert-manager, k3d, newrelic-infrastructure-agent, kaniko, trivy, tekton-pipelines, helm-push, ctop, telegraf, fuse-overlayfs-snapshotter, grype, kots, neuvector-agent, helm, cilium-cli, melange, flux-helm-controller, eksctl, zot,.....

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: trivy, k9s, up, kots, flux-helm-controller, zarf, eksctl, cilium-cli, cert-manager, helm-push, helm-operator, kubescape, zot, flux-source-controller, istio-operator, chartmuseum,...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy, buf, kaniko, grype, docker, melange, dagger, policy-controller, helm-push, tekton-pipelines, k3d, neuvector-scanner, wolfictl, docker-compose, syft, cri-tools,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: frp, cert-manager, gomplate, nginx-stable, newrelic-infrastructure-agent, influxd, opentofu, gatekeeper, nri-prometheus, flux-kustomize-controller, grype, wireguard-go, dex, haproxy-ingress, helm, gitlab-runner, git-lfs, vault-csi-provider, gitlab-shell,...

GHSA-888H-RM2R-VRC7 vulnerabilities

Vulnerabilities for packages: falco, policy-controller,...

CVE-2023-46402 vulnerabilities

Vulnerabilities for packages: argo-cd, flux-notification-controller, melange, argo-workflows,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: skaffold, k3s, kyverno, up, k8sgpt, policy-controller, cert-manager, flux-image-reflector-controller, falco, istio-pilot-agent, kargo, buildkitd, aactl, newrelic-infrastructure-agent, trivy, falcoctl, tekton-pipelines, zarf, crane, bom, ctop, telegraf, timoni, dagger,....

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: consul, clusterctl, docker, policy-controller, crossplane, frp, cert-manager, flux-image-reflector-controller, external-secrets-operator, nri-discovery-kubernetes, kube-state-metrics, syft, gomplate, kubernetes-event-exporter, aws-load-balancer-controller,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: pombump, consul, nri-mssql, clusterctl, crossplane, render-template, vite, flux-image-reflector-controller, nri-discovery-kubernetes, kube-state-metrics, gomplate, kubernetes-event-exporter, aws-load-balancer-controller, newrelic-infrastructure-agent, thanos-operator,....

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: pombump, consul, nri-mssql, clusterctl, crossplane, render-template, vite, flux-image-reflector-controller, nri-discovery-kubernetes, kube-state-metrics, gomplate, kubernetes-event-exporter, aws-load-balancer-controller, newrelic-infrastructure-agent, thanos-operator,....

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: flyte, grafana-mimir, kyverno, up, policy-controller, cert-manager, step-ca, flux-image-reflector-controller, external-secrets-operator, sqlpad, rekor, step, nuclei, harbor-registry, rook, restic, fluent-bit-plugin-loki, teleport, timestamp-authority, buildkitd,...

GHSA-M5VV-6R4H-3VJ9 vulnerabilities

Vulnerabilities for packages: flyte, grafana-mimir, kyverno, up, policy-controller, cert-manager, step-ca, flux-image-reflector-controller, external-secrets-operator, sqlpad, rekor, step, nuclei, harbor-registry, rook, restic, fluent-bit-plugin-loki, teleport, timestamp-authority, buildkitd,...

GHSA-3F2Q-6294-FMQ5 vulnerabilities

Vulnerabilities for packages: argo-cd, flux-notification-controller, melange, argo-workflows,...

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, py3.10-tensorflow-core, confluent-docker-utils, kubeflow-pipelines, dask-gateway, ggshield, jwt-tool, az, k8s-sidecar, py3-cassandra-medusa, kubeflow-volumes-web-app, py3-idna, datadog-agent,...

CVE-2023-45142 vulnerabilities

Vulnerabilities for packages: prometheus, gatekeeper, thanos, gitlab-kas, k3s, up, kubernetes, cert-manager, calico, prometheus-adapter, caddy, ipfs, keda,...

GHSA-RCJV-MGP8-QVMR vulnerabilities

Vulnerabilities for packages: prometheus, gatekeeper, thanos, gitlab-kas, k3s, up, kubernetes, cert-manager, calico, prometheus-adapter, caddy, ipfs, keda,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: crossplane, frp, render-template, bincapz, harbor-registry, gomplate, aws-load-balancer-controller, capslock, volume-modifier-for-k8s, ferretdb, nri-mysql, velero-plugin-for-aws, gitsign, caddy, gitlab-shell, guac, q, kubernetes-dashboard,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: pombump, clusterctl, gostatsd, policy-controller, crossplane, frp, cert-manager, render-template, flux-image-reflector-controller, external-secrets-operator, kube-state-metrics, extism, step, harbor-registry, libnvidia-container, gomplate, trivy,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: pombump, clusterctl, gostatsd, policy-controller, crossplane, frp, cert-manager, render-template, flux-image-reflector-controller, external-secrets-operator, kube-state-metrics, extism, step, harbor-registry, libnvidia-container, gomplate, trivy,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: crossplane, frp, render-template, extism, harbor-registry, gomplate, aws-load-balancer-controller, capslock, volume-modifier-for-k8s, ferretdb, nri-mysql, velero-plugin-for-aws, gitsign, caddy, gitlab-shell, q, kubernetes-dashboard,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: prometheus-bind-exporter, go-licenses, render-template, nri-discovery-kubernetes, falco, k3d, hey, kind, aactl, gops, helm-push, docker-cli, ctop, mage, nats, configmap-reload, protoc-gen-go-grpc, smarter-device-manager, aws-flb-cloudwatch, sbom-scorecard,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: consul, frp, flux-image-reflector-controller, external-secrets-operator, kube-state-metrics, gomplate, aws-load-balancer-controller, newrelic-infrastructure-agent, influxd, thanos-operator, nfs-subdir-external-provisioner, opentofu, gatekeeper, nri-prometheus,...

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, py3.10-tensorflow-core, confluent-docker-utils, kubeflow-pipelines, dask-gateway, ggshield, jwt-tool, az, k8s-sidecar, py3-cassandra-medusa, kubeflow-volumes-web-app, py3-idna, datadog-agent,...

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: harbor-scanner-trivy, buf, kaniko, grype, docker, melange, dagger, policy-controller, helm-push, tekton-pipelines, k3d, neuvector-scanner, wolfictl, docker-compose, syft, cri-tools,...

GHSA-M9W6-WP3H-VQ8G vulnerabilities

Vulnerabilities for packages: consul, kubernetes-dns-node-cache,...