Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

BIG-IP AFM & PEM Security Vulnerabilities

nvd
nvd

CVE-2024-4869

The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS

EPSS

2024-06-26 12:15 AM
1
cve
cve

CVE-2024-4869

The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS

6.2AI Score

EPSS

2024-06-26 12:15 AM
3
cvelist
cvelist

CVE-2024-4869 WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header

The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS

EPSS

2024-06-25 11:35 PM
2
wolfi
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: grpcurl, argo-workflows, cri-tools, metallb, timoni, cilium, aws-load-balancer-controller, calico, tekton-pipelines, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, secrets-store-csi-driver, kubernetes-csi-external-snapshotter, nuclei,...

7.5AI Score

2024-06-25 03:33 PM
179
wolfi
wolfi

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kubernetes-dns-node-cache, ip-masq-agent, local-static-provisioner, calico, spark-operator, aws-ebs-csi-driver, kubernetes, cluster-autoscaler, node-feature-discovery,...

2.7CVSS

4.3AI Score

0.0004EPSS

2024-06-25 03:33 PM
75
wolfi
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: grpcurl, git-lfs, calico, nri-prometheus, gitness, kubewatch, cilium-envoy, stakater-reloader, secrets-store-csi-driver, gomplate, amass, hey, nginx-stable, dotnet, terraform-provider-azurerm, envoy-ratelimit, secrets-store-csi-driver-provider-gcp, kind,...

7.5CVSS

9AI Score

0.732EPSS

2024-06-25 03:33 PM
608
wolfi
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.8AI Score

0.0004EPSS

2024-06-25 03:33 PM
191
wolfi
wolfi

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: grpcurl, aws-flb-cloudwatch, go-md2man, protoc-gen-go-grpc, dgraph, scorecard, docker-cli, aws-flb-kinesis, sonobuoy, smarter-device-manager, aws-flb-firehose, cilium-envoy, mage, prometheus-stackdriver-exporter, gosu, goreleaser, falco, amass, flannel-cni-plugin,...

7.5CVSS

7.9AI Score

0.001EPSS

2024-06-25 03:33 PM
59
wolfi
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: grpcurl, argo-workflows, cri-tools, metallb, timoni, cilium, aws-load-balancer-controller, calico, tekton-pipelines, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, secrets-store-csi-driver, kubernetes-csi-external-snapshotter, nuclei,...

6.7AI Score

0.0004EPSS

2024-06-25 03:33 PM
30
wolfi
wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.8AI Score

0.0004EPSS

2024-06-25 03:33 PM
42
wolfi
wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.5AI Score

2024-06-25 03:33 PM
28
wolfi
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: grpcurl, cri-tools, timoni, spegel, dive, git-lfs, kubebuilder, tekton-pipelines, nri-prometheus, smarter-device-manager, gitness, kubewatch, q, secrets-store-csi-driver, kubernetes-csi-external-snapshotter, kustomize, gomplate, kube-state-metrics, spqr,...

6.5AI Score

0.0004EPSS

2024-06-25 03:33 PM
19
wolfi
wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: grpcurl, cri-tools, timoni, spegel, dive, git-lfs, kubebuilder, tekton-pipelines, nri-prometheus, smarter-device-manager, gitness, kubewatch, q, secrets-store-csi-driver, kubernetes-csi-external-snapshotter, kustomize, gomplate, kube-state-metrics, spqr,...

7.5AI Score

2024-06-25 03:33 PM
16
wolfi
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: grpcurl, spegel, gitness, kubernetes-csi-external-snapshotter, hcloud, secrets-store-csi-driver-provider-azure, dataplaneapi, kyverno-policy-reporter-kyverno-plugin, neuvector-scanner, kuberay-operator, node-feature-discovery, chartmuseum, kargo, temporal,...

6.8AI Score

0.0004EPSS

2024-06-25 03:33 PM
58
wolfi
wolfi

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: grpcurl, spegel, gitness, kubernetes-csi-external-snapshotter, hcloud, secrets-store-csi-driver-provider-azure, dataplaneapi, kyverno-policy-reporter-kyverno-plugin, neuvector-scanner, kuberay-operator, chartmuseum, node-feature-discovery, kargo, temporal,...

5.5CVSS

6.1AI Score

0.0004EPSS

2024-06-25 03:33 PM
23
wolfi
wolfi

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.5AI Score

2024-06-25 03:33 PM
22
wolfi
wolfi

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.5AI Score

2024-06-25 03:33 PM
24
wolfi
wolfi

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.5AI Score

2024-06-25 03:33 PM
21
wolfi
wolfi

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: grpcurl, spegel, gitness, kubernetes-csi-external-snapshotter, hcloud, secrets-store-csi-driver-provider-azure, dataplaneapi, kyverno-policy-reporter-kyverno-plugin, neuvector-scanner, kuberay-operator, node-feature-discovery, chartmuseum, kargo, temporal,...

7.5AI Score

2024-06-25 03:33 PM
20
wolfi
wolfi

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: grpcurl, cri-tools, timoni, spegel, dive, git-lfs, kubebuilder, tekton-pipelines, nri-prometheus, smarter-device-manager, gitness, kubewatch, q, secrets-store-csi-driver, kubernetes-csi-external-snapshotter, kustomize, gomplate, kube-state-metrics, spqr,...

7.5AI Score

2024-06-25 03:33 PM
21
wolfi
wolfi

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: grpcurl, spegel, gitness, kubernetes-csi-external-snapshotter, hcloud, secrets-store-csi-driver-provider-azure, dataplaneapi, kyverno-policy-reporter-kyverno-plugin, neuvector-scanner, kuberay-operator, chartmuseum, node-feature-discovery, kargo, temporal,...

9.8CVSS

9.8AI Score

0.001EPSS

2024-06-25 03:33 PM
49
wolfi
wolfi

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: prometheus-adapter, ip-masq-agent, spark-operator, calico, aws-ebs-csi-driver, kubernetes-dns-node-cache, cluster-autoscaler, aws-efs-csi-driver,...

8.8CVSS

8.1AI Score

0.001EPSS

2024-06-25 03:33 PM
34
wolfi
wolfi

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: prometheus-adapter, ip-masq-agent, spark-operator, calico, aws-ebs-csi-driver, kubernetes-dns-node-cache, cluster-autoscaler, aws-efs-csi-driver,...

7.5AI Score

2024-06-25 03:33 PM
12
wolfi
wolfi

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.5AI Score

2024-06-25 03:33 PM
23
wolfi
wolfi

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: grpcurl, spegel, gitness, kubernetes-csi-external-snapshotter, hcloud, secrets-store-csi-driver-provider-azure, dataplaneapi, kyverno-policy-reporter-kyverno-plugin, neuvector-scanner, kuberay-operator, chartmuseum, node-feature-discovery, kargo, temporal,...

7.5AI Score

2024-06-25 03:33 PM
2
wolfi
wolfi

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: grpcurl, aws-flb-cloudwatch, go-md2man, protoc-gen-go-grpc, dgraph, scorecard, docker-cli, aws-flb-kinesis, sonobuoy, smarter-device-manager, aws-flb-firehose, cilium-envoy, mage, prometheus-stackdriver-exporter, gosu, goreleaser, falco, amass, flannel-cni-plugin,...

5.3CVSS

7.2AI Score

0.001EPSS

2024-06-25 03:33 PM
27
wolfi
wolfi

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: grpcurl, aws-flb-cloudwatch, go-md2man, protoc-gen-go-grpc, dgraph, scorecard, docker-cli, aws-flb-kinesis, sonobuoy, smarter-device-manager, aws-flb-firehose, cilium-envoy, mage, prometheus-stackdriver-exporter, gosu, goreleaser, falco, amass, flannel-cni-plugin,...

7.5AI Score

2024-06-25 03:33 PM
19
wolfi
wolfi

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: grpcurl, aws-flb-cloudwatch, go-md2man, protoc-gen-go-grpc, dgraph, scorecard, docker-cli, aws-flb-kinesis, sonobuoy, smarter-device-manager, aws-flb-firehose, cilium-envoy, mage, prometheus-stackdriver-exporter, gosu, goreleaser, falco, amass, flannel-cni-plugin,...

7.5AI Score

2024-06-25 03:33 PM
20
wolfi
wolfi

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: grpcurl, git-lfs, calico, nri-prometheus, gitness, kubewatch, cilium-envoy, stakater-reloader, secrets-store-csi-driver, gomplate, amass, hey, nginx-stable, dotnet, terraform-provider-azurerm, envoy-ratelimit, secrets-store-csi-driver-provider-gcp, kind,...

7.5AI Score

2024-06-25 03:33 PM
25
wolfi
wolfi

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.8AI Score

0.0004EPSS

2024-06-25 03:33 PM
20
wolfi
wolfi

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

7.8AI Score

0.0004EPSS

2024-06-25 03:33 PM
18
wolfi
wolfi

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: grpcurl, spegel, gitness, kubernetes-csi-external-snapshotter, hcloud, secrets-store-csi-driver-provider-azure, dataplaneapi, kyverno-policy-reporter-kyverno-plugin, neuvector-scanner, kuberay-operator, chartmuseum, node-feature-discovery, kargo, temporal,...

7.5AI Score

2024-06-25 03:33 PM
4
wolfi
wolfi

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: grpcurl, nri-mssql, cri-tools, metallb, timoni, aws-load-balancer-controller, dive, vite, kubebuilder, nri-haproxy, calico, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, q, kubernetes-csi-external-snapshotter, nuclei, kustomize,...

6AI Score

0.0004EPSS

2024-06-25 03:33 PM
19
wolfi
wolfi

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: grpcurl, cri-tools, timoni, spegel, dive, git-lfs, kubebuilder, tekton-pipelines, nri-prometheus, smarter-device-manager, gitness, kubewatch, q, secrets-store-csi-driver, kubernetes-csi-external-snapshotter, kustomize, gomplate, kube-state-metrics, spqr,...

6.5AI Score

0.0004EPSS

2024-06-25 03:33 PM
18
wolfi
wolfi

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kubernetes-dns-node-cache, ip-masq-agent, local-static-provisioner, calico, spark-operator, aws-ebs-csi-driver, kubernetes, cluster-autoscaler, node-feature-discovery,...

7.5AI Score

2024-06-25 03:33 PM
6
nvd
nvd

CVE-2024-4197

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...

9.9CVSS

0.0004EPSS

2024-06-25 04:15 AM
5
cve
cve

CVE-2024-4197

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...

9.9CVSS

9.7AI Score

0.0004EPSS

2024-06-25 04:15 AM
6
cve
cve

CVE-2024-4196

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to...

10CVSS

9.6AI Score

0.0004EPSS

2024-06-25 04:15 AM
13
nvd
nvd

CVE-2024-4196

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to...

10CVSS

0.0004EPSS

2024-06-25 04:15 AM
3
cvelist
cvelist

CVE-2024-4197 Avaya IP Office One-X Portal File Upload Vulnerability

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...

9.9CVSS

0.0004EPSS

2024-06-25 04:01 AM
5
vulnrichment
vulnrichment

CVE-2024-4197 Avaya IP Office One-X Portal File Upload Vulnerability

An unrestricted file upload vulnerability in Avaya IP Office was discovered that could allow remote command or code execution via the One-X component. Affected versions include all versions prior to...

9.9CVSS

7.6AI Score

0.0004EPSS

2024-06-25 04:01 AM
cvelist
cvelist

CVE-2024-4196 Avaya IP Office Web Control RCE Vulnerability

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to...

10CVSS

0.0004EPSS

2024-06-25 04:00 AM
6
thn
thn

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts

Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the...

7.2AI Score

2024-06-25 03:32 AM
9
nessus
nessus

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2024-1813)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS,...

5.3CVSS

7.2AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2185-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2185-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: .....

7.8CVSS

8.2AI Score

0.0005EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1834)

The remote host is missing an update for the Huawei...

5.3CVSS

7.5AI Score

0.0005EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1813)

The remote host is missing an update for the Huawei...

5.3CVSS

7.5AI Score

0.0005EPSS

2024-06-25 12:00 AM
nvd
nvd

CVE-2024-38894

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of...

0.0004EPSS

2024-06-24 09:15 PM
2
cve
cve

CVE-2024-38894

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of...

7.7AI Score

0.0004EPSS

2024-06-24 09:15 PM
5
nvd
nvd

CVE-2024-38373

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...

9.6CVSS

0.0004EPSS

2024-06-24 05:15 PM
5
Total number of security vulnerabilities70509