BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, Edge Gateway, PEM, WebSafe) Security Vulnerabilities

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

CVE-2024-6424 Server-Side Request Forgery vulnerability in MESbook

External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint...

CVE-2024-6424 Server-Side Request Forgery vulnerability in MESbook

External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint...

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, calico, spark-operator, cluster-autoscaler, kubernetes-csi-driver-hostpath, kubernetes-dns-node-cache, ip-masq-agent, node-feature-discovery, nodetaint, local-static-provisioner,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, cosign, keda, syft, velero, cilium-cli, prometheus-beat-exporter, kots, restic, rook, rqlite, falcoctl, spicedb, vertical-pod-autoscaler, flux, configmap-reload, flux-notification-controller, fulcio, prometheus-stackdriver-exporter, dagger,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: coredns, dex, stakater-reloader, cosign, keda, rqlite, kots, istio-envoy, flux-notification-controller, prometheus-stackdriver-exporter, dgraph, nri-prometheus, ip-masq-agent, nginx-stable, goreleaser, minio, cert-manager, sigstore-scaffolding, envoy-ratelimit,...

GHSA-H75V-3VVJ-5MFJ vulnerabilities

Vulnerabilities for packages: py3-jinja2, confluent-docker-utils, kubeflow-jupyter-web-app, reflex, superset, dask-gateway, pytorch,...

CVE-2024-30251 vulnerabilities

Vulnerabilities for packages:...

GHSA-5M98-QGG9-WH84 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: gosu, go-licenses, aactl, flannel-cni-plugin, nats, render-template, gobuster, hey, k3d, go-bindata, mage, sbom-scorecard, sops, vertical-pod-autoscaler, cilium-envoy, configmap-reload, docker-cli, ctop, go-md2man, aws-flb-cloudwatch, prometheus-stackdriver-exporter,.....

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: falcosidekick, nri-mssql, ghaudit, flux, yq, newrelic-prometheus-configurator, dgraph, kubeadm-controlplane-controller, ip-masq-agent, kubernetes-ingress-defaultbackend, trillian, goreleaser, php-fpm_exporter, cfssl, metallb, buildkitd, loki, task, gitness,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: coredns, dex, falcosidekick, nvidia-container-toolkit, harbor-scanner-trivy, cosign, cilium-cli, mkcert, prometheus-beat-exporter, go-bindata, spicedb, falcoctl, ghaudit, vertical-pod-autoscaler, configmap-reload, flux-notification-controller, fulcio, go-md2man,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: coredns, dex, falcosidekick, nvidia-container-toolkit, harbor-scanner-trivy, cosign, cilium-cli, mkcert, prometheus-beat-exporter, go-bindata, spicedb, falcoctl, ghaudit, vertical-pod-autoscaler, configmap-reload, flux-notification-controller, fulcio, go-md2man,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: falcosidekick, nri-mssql, ghaudit, flux, yq, newrelic-prometheus-configurator, dgraph, kubeadm-controlplane-controller, ip-masq-agent, kubernetes-ingress-defaultbackend, trillian, php-fpm_exporter, cfssl, metallb, buildkitd, loki, task, gitness,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, cosign, keda, syft, velero, cilium-cli, prometheus-beat-exporter, kots, restic, rook, rqlite, falcoctl, spicedb, vertical-pod-autoscaler, flux, configmap-reload, flux-notification-controller, fulcio, prometheus-stackdriver-exporter, dagger,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

GHSA-753J-MPMX-QQ6G vulnerabilities

Vulnerabilities for packages: airflow, dask-gateway,...

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-katib, confluent-docker-utils, k8s-sidecar, kubeflow-jupyter-web-app, kubeflow-pipelines, ggshield, py3.10-tensorflow-core, py3-idna, py3-cassandra-medusa, az, dask-gateway, jwt-tool, kubeflow-volumes-web-app,...

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-katib, confluent-docker-utils, k8s-sidecar, kubeflow-jupyter-web-app, kubeflow-pipelines, ggshield, py3.10-tensorflow-core, py3-idna, py3-cassandra-medusa, az, dask-gateway, jwt-tool, kubeflow-volumes-web-app,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: falcosidekick, nri-mssql, ghaudit, flux, yq, newrelic-prometheus-configurator, dgraph, kubeadm-controlplane-controller, ip-masq-agent, kubernetes-ingress-defaultbackend, trillian, goreleaser, php-fpm_exporter, cfssl, metallb, buildkitd, loki, task, gitness,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: coredns, dex, falcosidekick, nvidia-container-toolkit, harbor-scanner-trivy, cosign, cilium-cli, mkcert, prometheus-beat-exporter, go-bindata, spicedb, falcoctl, ghaudit, vertical-pod-autoscaler, configmap-reload, flux-notification-controller, fulcio, go-md2man,...

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: falcosidekick, nri-mssql, ghaudit, flux, yq, newrelic-prometheus-configurator, dgraph, kubeadm-controlplane-controller, ip-masq-agent, kubernetes-ingress-defaultbackend, trillian, php-fpm_exporter, cfssl, metallb, buildkitd, loki, task, gitness,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, calico, spark-operator, aws-efs-csi-driver, cluster-autoscaler, kubernetes-dns-node-cache, prometheus-adapter, ip-masq-agent,...

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, calico, spark-operator, aws-efs-csi-driver, cluster-autoscaler, kubernetes-dns-node-cache, prometheus-adapter, ip-masq-agent,...

CVE-2024-34064 vulnerabilities

Vulnerabilities for packages: py3-jinja2, confluent-docker-utils, kubeflow-jupyter-web-app, reflex, superset, dask-gateway, pytorch,...

CVE-2024-27306 vulnerabilities

Vulnerabilities for packages: py3-cassandra-medusa,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: coredns, dex, stakater-reloader, cosign, keda, rqlite, kots, istio-envoy, flux-notification-controller, prometheus-stackdriver-exporter, dgraph, nri-prometheus, ip-masq-agent, nginx-stable, goreleaser, minio, cert-manager, sigstore-scaffolding, envoy-ratelimit,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: gosu, go-licenses, aactl, flannel-cni-plugin, nats, render-template, gobuster, hey, k3d, go-bindata, mage, sbom-scorecard, sops, vertical-pod-autoscaler, cilium-envoy, configmap-reload, docker-cli, ctop, go-md2man, aws-flb-cloudwatch, prometheus-stackdriver-exporter,.....

GHSA-7GPW-8WMC-PM8G vulnerabilities

Vulnerabilities for packages: py3-cassandra-medusa,...

CVE-2024-37891 vulnerabilities

Vulnerabilities for packages: airflow, confluent-docker-utils, k8s-sidecar, kubeflow-jupyter-web-app, kubeflow-pipelines, py3-urllib3, ggshield, reflex, superset, py3-cassandra-medusa, az, dask-gateway, kubeflow-katib, kubeflow-volumes-web-app,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: falcosidekick, nri-mssql, ghaudit, flux, yq, newrelic-prometheus-configurator, dgraph, kubeadm-controlplane-controller, ip-masq-agent, kubernetes-ingress-defaultbackend, trillian, php-fpm_exporter, cfssl, metallb, buildkitd, loki, task, gitness,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: gosu, go-licenses, aactl, flannel-cni-plugin, nats, render-template, gobuster, hey, k3d, go-bindata, mage, sbom-scorecard, sops, vertical-pod-autoscaler, cilium-envoy, configmap-reload, docker-cli, ctop, go-md2man, aws-flb-cloudwatch, prometheus-stackdriver-exporter,.....

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: gosu, go-licenses, aactl, flannel-cni-plugin, nats, render-template, gobuster, hey, k3d, go-bindata, mage, sbom-scorecard, sops, vertical-pod-autoscaler, cilium-envoy, configmap-reload, docker-cli, ctop, go-md2man, aws-flb-cloudwatch, prometheus-stackdriver-exporter,.....

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: coredns, dex, falcosidekick, nvidia-container-toolkit, harbor-scanner-trivy, cosign, cilium-cli, mkcert, prometheus-beat-exporter, go-bindata, spicedb, falcoctl, ghaudit, vertical-pod-autoscaler, configmap-reload, flux-notification-controller, fulcio, go-md2man,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: falcosidekick, nri-mssql, ghaudit, flux, yq, newrelic-prometheus-configurator, dgraph, kubeadm-controlplane-controller, ip-masq-agent, kubernetes-ingress-defaultbackend, trillian, php-fpm_exporter, cfssl, metallb, buildkitd, loki, task, gitness,...

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, calico, spark-operator, cluster-autoscaler, kubernetes-csi-driver-hostpath, kubernetes-dns-node-cache, ip-masq-agent, node-feature-discovery, nodetaint, local-static-provisioner,...

GHSA-W235-7P84-XX57 vulnerabilities

Vulnerabilities for packages: airflow, dask-gateway,...

GHSA-34JH-P97F-MPXF vulnerabilities

Vulnerabilities for packages: airflow, confluent-docker-utils, k8s-sidecar, kubeflow-jupyter-web-app, kubeflow-pipelines, py3-urllib3, ggshield, reflex, superset, py3-cassandra-medusa, az, dask-gateway, kubeflow-katib, kubeflow-volumes-web-app,...

GHSA-V845-JXX5-VC9F vulnerabilities

Vulnerabilities for packages: k8s-sidecar, kubeflow-jupyter-web-app, py3-urllib3, dask-gateway, kubeflow-volumes-web-app,...

CVE-2023-43804 vulnerabilities

Vulnerabilities for packages: k8s-sidecar, kubeflow-jupyter-web-app, py3-urllib3, dask-gateway, kubeflow-volumes-web-app,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...