Vulnerabilities for packages: spark-operator, kubernetes-dns-node-cache, aws-ebs-csi-driver, aws-efs-csi-driver, cluster-autoscaler, prometheus-adapter, calico, nodetaint,...
8.8CVSS
8.1AI Score
0.001EPSS
GHSA-HQ6Q-C2X6-HMCH vulnerabilities
Vulnerabilities for packages: spark-operator, kubernetes-dns-node-cache, aws-ebs-csi-driver, aws-efs-csi-driver, cluster-autoscaler, prometheus-adapter, calico, nodetaint,...
7.5AI Score
CVE-2024-26147 vulnerabilities
Vulnerabilities for packages: zot, cert-manager, cilium-cli, kots, kubescape, up, istio-operator, k9s, flux-source-controller, eksctl, chartmuseum, k8sgpt, flux-helm-controller, helm-push, trivy, zarf,...
7.5CVSS
7.7AI Score
0.0004EPSS
6.6AI Score
0.0004EPSS
9.8CVSS
9.9AI Score
0.005EPSS
GHSA-88JX-383Q-W4QC vulnerabilities
Vulnerabilities for packages: policy-controller, ko, gitsign, skaffold, zot, aactl, vexctl, wolfictl, tkn, spire-server, flux-source-controller, slsa-verifier, melange, neuvector-sigstore-interface, apko, goreleaser, kubescape, tekton-chains, falcoctl, falco,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: overmind, flux-image-reflector-controller, delve, thanos, ctop, govulncheck, hcloud, kubernetes-csi-external-resizer, pulumi-language-dotnet, trivy, jitsucom-bulker, prometheus-mysqld-exporter, traefik, kubecolor, vt-cli, regclient, mockery, influx,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, wait-for-port, nsc, nri-f5, prometheus-nats-exporter, controller-gen, nri-prometheus, kubebuilder, step, crossplane-provider-azure, k8ssandra-operator,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: hivemind, trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, age, wait-for-port, nsc, nri-f5, kafka-proxy, prometheus-nats-exporter, controller-gen, nri-prometheus, extism, kubebuilder, step,...
9.8CVSS
9.8AI Score
0.001EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, kube-fluentd-operator, terraform, k8sgpt-operator, pulumi-language-dotnet, kubernetes-csi-external-resizer, prometheus-mysqld-exporter, istio-pilot-discovery, aws-load-balancer-controller, gobuster, up, memcached-exporter,...
7.5CVSS
8.4AI Score
0.002EPSS
CVE-2024-29902 vulnerabilities
Vulnerabilities for packages: policy-controller, ko, gitsign, skaffold, zot, aactl, vexctl, wolfictl, tkn, spire-server, flux-source-controller, slsa-verifier, melange, neuvector-sigstore-interface, apko, goreleaser, kubescape, tekton-chains, falcoctl, falco,...
4.2CVSS
4.5AI Score
0.0004EPSS
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, cert-manager, kubernetes-csi-external-attacher, thanos, buildkitd, dynamic-localpv-provisioner, node-problem-detector, ko, kubevela, prometheus-blackbox-exporter, terraform, aws-efs-csi-driver, vault-csi-provider, pulumi-language-dotnet,...
7.5AI Score
CVE-2024-29903 vulnerabilities
Vulnerabilities for packages: policy-controller, ko, gitsign, skaffold, zot, aactl, vexctl, wolfictl, tkn, spire-server, flux-source-controller, slsa-verifier, melange, neuvector-sigstore-interface, apko, goreleaser, kubescape, tekton-chains, falcoctl, falco,...
4.2CVSS
4.6AI Score
0.0004EPSS
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: hivemind, trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, age, wait-for-port, nsc, nri-f5, kafka-proxy, prometheus-nats-exporter, controller-gen, nri-prometheus, extism, kubebuilder, step,...
7.5AI Score
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: kind, hey, ctop, docker-cli, flannel-cni-plugin, nats, gitlab-logger, aws-flb-firehose, cortex, go-licenses, aactl, gobuster, metrics-server, configmap-reload, influx, aws-flb-kinesis, cilium-envoy, go-md2man, sbom-scorecard, cni-plugins, ip-masq-agent,...
5.3CVSS
7.2AI Score
0.001EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: kind, hey, ctop, docker-cli, flannel-cni-plugin, nats, gitlab-logger, aws-flb-firehose, cortex, go-licenses, aactl, gobuster, metrics-server, configmap-reload, influx, aws-flb-kinesis, cilium-envoy, go-md2man, sbom-scorecard, cni-plugins, ip-masq-agent,...
7.5AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: kind, hey, ctop, docker-cli, flannel-cni-plugin, nats, gitlab-logger, aws-flb-firehose, cortex, go-licenses, aactl, gobuster, metrics-server, configmap-reload, influx, aws-flb-kinesis, cilium-envoy, go-md2man, sbom-scorecard, cni-plugins, ip-masq-agent,...
7.5AI Score
CVE-2024-28180 vulnerabilities
Vulnerabilities for packages: cert-manager, policy-controller, ko, gitsign, cosign, fulcio, skaffold, grafana, istio-pilot-discovery, aactl, istio-operator, keda, vault, vexctl, wolfictl, external-secrets-operator, tkn, oauth2-proxy, tekton-pipelines, flux-kustomize-controller, dex, cilium,...
4.3CVSS
6AI Score
0.0005EPSS
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, kube-fluentd-operator, terraform, k8sgpt-operator, pulumi-language-dotnet, kubernetes-csi-external-resizer, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, memcached-exporter, nvidia-device-plugin, mc,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, kube-fluentd-operator, terraform, k8sgpt-operator, pulumi-language-dotnet, kubernetes-csi-external-resizer, prometheus-mysqld-exporter, istio-pilot-discovery, aws-load-balancer-controller, gobuster, up, memcached-exporter,...
7.5AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, kube-fluentd-operator, terraform, trivy, prometheus-mysqld-exporter, traefik, istio-pilot-discovery, gobuster, up, memcached-exporter, bank-vaults, gatekeeper, flux, weaviate, k3s, cloud-sql-proxy, cilium-cli, nsc,...
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: thanos, terraform, pulumi-language-dotnet, traefik, gobuster, up, memcached-exporter, nvidia-device-plugin, mc, tomcat, neuvector-agent, gatekeeper, pulumi-language-java, weaviate, envoy-ratelimit, terraform-provider-azurerm, nri-prometheus,...
7.5AI Score
GHSA-MW99-9CHC-XW7R vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, bom, kubevela, gitsign, pulumi-language-dotnet, zot, go-licenses, src-fingerprint, pulumi-language-java, tekton-pipelines, flux-kustomize-controller, pulumi, pulumi-language-yaml, argo-cd, nuclei, scorecard, gomplate, apko, goreleaser,...
7.5AI Score
GHSA-V53G-5GJP-272R vulnerabilities
Vulnerabilities for packages: zot, cert-manager, cilium-cli, kots, kubescape, up, istio-operator, k9s, flux-source-controller, eksctl, chartmuseum, k8sgpt, flux-helm-controller, helm-push, trivy, zarf,...
7.5AI Score
9.8CVSS
9.9AI Score
0.005EPSS
9.8CVSS
9.9AI Score
0.005EPSS
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
7.8AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
7.8AI Score
0.0004EPSS
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: overmind, flux-image-reflector-controller, delve, thanos, ctop, govulncheck, hcloud, kubernetes-csi-external-resizer, pulumi-language-dotnet, trivy, jitsucom-bulker, prometheus-mysqld-exporter, traefik, kubecolor, vt-cli, regclient, mockery, influx,...
6.5AI Score
0.0004EPSS
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: hivemind, trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, age, wait-for-port, nsc, nri-f5, kafka-proxy, prometheus-nats-exporter, controller-gen, nri-prometheus, extism, kubebuilder, step,...
7.5AI Score
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: cert-manager, flux-image-reflector-controller, bom, buildkitd, ctop, policy-controller, kubevela, cri-tools, newrelic-infrastructure-agent, gitsign, cosign, flux-helm-controller, k9s, prometheus, trivy, traefik, skaffold, crane, filebeat, istio-pilot-discovery, zot,...
7.5AI Score
CVE-2023-49568 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, bom, kubevela, gitsign, pulumi-language-dotnet, zot, go-licenses, src-fingerprint, pulumi-language-java, tekton-pipelines, flux-kustomize-controller, pulumi, pulumi-language-yaml, argo-cd, nuclei, scorecard, gomplate, apko, goreleaser,...
7.5CVSS
7.8AI Score
0.0005EPSS
GHSA-PXHW-596R-RWQ5 vulnerabilities
Vulnerabilities for packages: node-feature-discovery, spark-operator, kubernetes-dns-node-cache, local-static-provisioner, aws-ebs-csi-driver, kubernetes, kubernetes-csi-driver-hostpath, cluster-autoscaler, calico, nodetaint,...
7.5AI Score
GHSA-XR7R-F8XQ-VFVV vulnerabilities
Vulnerabilities for packages: buildkitd, ctop, newrelic-infrastructure-agent, docker, k9s, trivy, syft, skaffold, zot, kubernetes, wolfictl, nvidia-device-plugin, k3s, k3d, skopeo, runc, kaniko, datadog-agent, grype, kubescape, kots, ingress-nginx-controller, telegraf, cadvisor, nerdctl,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
6AI Score
0.0004EPSS
app.lotterease.com Cross Site Scripting vulnerability OBB-3939482
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bridalpartytees.com Cross Site Scripting vulnerability OBB-3939481
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords
Update: As of 12:36PM EST, another plugin has been infected. We've updated the list below to include this fourth plugin and the plugins team has been notified. Update: As of 2:20 PM EST, two more plugins appear to have malicious commits, however, the releases have not officially been made meaning.....
7.2AI Score
tgpecatsib.tatamotors.com Cross Site Scripting vulnerability OBB-3939480
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
9.8CVSS
7.4AI Score
0.038EPSS
hanson.ad Cross Site Scripting vulnerability OBB-3939478
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
gratisspil.dk Cross Site Scripting vulnerability OBB-3939476
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
fysikoaerioellados.gr Cross Site Scripting vulnerability OBB-3939475
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
lasalina.es Cross Site Scripting vulnerability OBB-3939474
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CometBFT is unstability during blocksync when syncing from malicious peer
Name: ASA-2024-008: Instability during blocksync when syncing from malicious peer Component: CometBFT Criticality: Medium (ACMv1: I:Moderate; L: Possible) Affected versions: < v0.38.7 Summary An issue was identified for nodes syncing on an existing network during blocksync in which a malicious.....
6.7AI Score
search.staffs.ac.uk Cross Site Scripting vulnerability OBB-3939471
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
campion.edu.ro Cross Site Scripting vulnerability OBB-3939472
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
probabilistic-robotics.org Cross Site Scripting vulnerability OBB-3939470
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score