Classified Listing Store & Membership Addon Security Vulnerabilities

CVE-2023-2878 vulnerabilities

Vulnerabilities for packages: vault-csi-provider,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, gatekeeper-fips, vault-k8s-fips, kots, metacontroller, flux-kustomize-controller-0.37, flux-notification-controller, pulumi-language-yaml, bank-vaults-fips, gobuster, kubernetes-csi-external-resizer-fips, fuse-overlayfs-snapshotter,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, tekton-pipelines, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, docker, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, dynamic-localpv-provisioner, cilium, goreleaser, spark-operator, k8sgpt,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, tekton-pipelines, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, tekton-pipelines, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic,...

GHSA-G82W-58JF-GCXX vulnerabilities

Vulnerabilities for packages: vault-csi-provider,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: keda-fips, tekton-pipelines, kubernetes-csi-livenessprobe-fips, extism, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, cert-manager-webhook-pdns-fips, dynamic-localpv-provisioner, spark-operator, bom, karpenter-fips, k8sgpt, rclone, neuvector-scanner, cue,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, cert-manager-fips, gatekeeper-fips, tigera-operator, vault-k8s-fips, kots, kubernetes-dashboard, flux-kustomize-controller-0.37, flux-notification-controller, boring-registry, tekton-pipelines, bank-vaults-fips, gobuster, grpc-health-probe,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, cert-manager-fips, vault-k8s-fips, kots, kubernetes-dashboard, metacontroller, flux-kustomize-controller-0.37, flux-notification-controller, pulumi-language-yaml, bank-vaults-fips, gobuster, kubernetes-csi-external-resizer-fips,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: keda-fips, tekton-pipelines, kubernetes-csi-livenessprobe-fips, extism, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, cert-manager-webhook-pdns-fips, dynamic-localpv-provisioner, spark-operator, bom, karpenter-fips, k8sgpt, rclone, neuvector-scanner, cue,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: keda-fips, tekton-pipelines, kubernetes-csi-livenessprobe-fips, extism, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, cert-manager-webhook-pdns-fips, dynamic-localpv-provisioner, spark-operator, bom, karpenter-fips, k8sgpt, rclone, neuvector-scanner, cue,...

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, cert-manager-fips, gatekeeper-fips, tigera-operator, vault-k8s-fips, kots, kubernetes-dashboard, flux-kustomize-controller-0.37, flux-notification-controller, boring-registry, tekton-pipelines, bank-vaults-fips, gobuster, grpc-health-probe,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, cert-manager-fips, kots, kubernetes-dashboard, metacontroller, flux-kustomize-controller-0.37, flux-notification-controller, pulumi-language-yaml, bank-vaults-fips, gobuster, kubernetes-csi-external-resizer-fips, fuse-overlayfs-snapshotter,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, cert-manager-fips, kots, kubernetes-dashboard, metacontroller, flux-kustomize-controller-0.37, flux-notification-controller, pulumi-language-yaml, bank-vaults-fips, gobuster, kubernetes-csi-external-resizer-fips, fuse-overlayfs-snapshotter,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, gatekeeper-fips, kots, flux-kustomize-controller-0.37, flux-notification-controller, pulumi-language-yaml, bank-vaults-fips, kubernetes-csi-external-resizer-fips, kubernetes-csi-node-driver-registrar, aws-ebs-csi-driver, metrics-server,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, gatekeeper-fips, vault-k8s-fips, kots, metacontroller, flux-kustomize-controller-0.37, flux-notification-controller, pulumi-language-yaml, bank-vaults-fips, gobuster, kubernetes-csi-external-resizer-fips, fuse-overlayfs-snapshotter,...

CVE-2024-35877

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings PAT handling won't do the right thing in COW mappings: the first PTE (or, in fact, all PTEs) can be replaced during write faults to point at anon folios. Reliably recovering the...

CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed in....

Qualys Enterprise TruRisk™ Platform Extends FIM with Real-Time Monitoring of Unauthorized Access to Sensitive Data and Configuration Change Detection on Network Devices

Introducing FIM 4.0 with File Access Monitoring (FAM) and Agentless FIM to ensure compliance with the new PCI 4.0 File Integrity Monitoring (FIM) solutions are essential for virtually any organization to help identify suspicious activities across critical system files and registries, diagnose...

CVE-2024-34241

A cross-site scripting (XSS) vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course...

CVE-2024-34241

A cross-site scripting (XSS) vulnerability in Rocketsoft Rocket LMS 1.9 allows an administrator to store a JavaScript payload using the admin web interface when creating new courses and new course...

Adi IRC credential gatherer

PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems. PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using...

CVE-2023-51401

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Beaver Builder: from n/a through...

CVE-2023-51398

Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through...

CVE-2023-51401

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Beaver Builder: from n/a through...

CVE-2023-51398

Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through...

CVE-2023-51356

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through...

CVE-2023-51356

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through...

CVE-2023-51401 WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.13 - Limited Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Beaver Builder: from n/a through...

CVE-2023-51398 WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.14 - Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through...

CVE-2023-51398 WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.14 - Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Privilege Escalation.This issue affects Ultimate Addons for Beaver Builder: from n/a through...

CVE-2023-51356 WordPress ARMember plugin <= 4.0.10 - Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through...

CVE-2023-51356 WordPress ARMember plugin <= 4.0.10 - Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through...

CVE-2023-41957

Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through...

CVE-2023-41956

Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through...

CVE-2023-41957

Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through...

CVE-2023-41956

Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through...

CVE-2023-41954

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through...

CVE-2023-41954

Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through...

CVE-2023-41957 WordPress Simple Membership plugin <= 4.3.4 - Unauthenticated Membership Role Privilege Escalation vulnerability

Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through...

CVE-2023-41957 WordPress Simple Membership plugin <= 4.3.4 - Unauthenticated Membership Role Privilege Escalation vulnerability

Improper Privilege Management vulnerability in smp7, wp.Insider Simple Membership allows Privilege Escalation.This issue affects Simple Membership: from n/a through...

CVE-2023-41956 WordPress Simple Membership plugin <= 4.3.4 - Authenticated Account Takeover vulnerability

Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through...

CVE-2023-41956 WordPress Simple Membership plugin <= 4.3.4 - Authenticated Account Takeover vulnerability

Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through...