Com-Server Highspeed 19" 1Port Security Vulnerabilities

openbugbounty

cottrellchiro.com Cross Site Scripting vulnerability OBB-3934766

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-12 02:11 AM
1
nvd

CVE-2024-35225

Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting (XSS) issue. The /proxy endpoint accepts a host path...

9.6CVSS

EPSS

2024-06-11 10:15 PM
2
cve

CVE-2024-35225

Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting (XSS) issue. The /proxy endpoint accepts a host path...

9.6CVSS

8.4AI Score

EPSS

2024-06-11 10:15 PM
5
osv

linux-aws, linux-oracle vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-6356, CVE-2023-6535, CVE-2023-6536)...

7.8CVSS

7.5AI Score

0.002EPSS

2024-06-11 10:09 PM
cbl_mariner

CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-19

CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-19. This CVE either no longer is or was never...

5.5CVSS

6.6AI Score

0.001EPSS

2024-06-11 10:03 PM
2
cbl_mariner

CVE-2022-3064 affecting package application-gateway-kubernetes-ingress 1.4.0-19

CVE-2022-3064 affecting package application-gateway-kubernetes-ingress 1.4.0-19. This CVE either no longer is or was never...

7.5CVSS

7.8AI Score

0.005EPSS

2024-06-11 10:03 PM
3
cbl_mariner

CVE-2021-3611 affecting package qemu 6.2.0-19

CVE-2021-3611 affecting package qemu 6.2.0-19. No patch is available...

6.5CVSS

7AI Score

0.001EPSS

2024-06-11 10:03 PM
1
cbl_mariner

CVE-2022-3162 affecting package keda 2.4.0-19

CVE-2022-3162 affecting package keda 2.4.0-19. No patch is available...

6.5CVSS

7AI Score

0.001EPSS

2024-06-11 10:03 PM
15
cbl_mariner

CVE-2022-3162 affecting package rook 1.6.2-19

CVE-2022-3162 affecting package rook 1.6.2-19. No patch is available...

6.5CVSS

7AI Score

0.001EPSS

2024-06-11 10:03 PM
1
cbl_mariner

CVE-2022-0530 affecting package unzip 6.0-19

CVE-2022-0530 affecting package unzip 6.0-19. No patch is available...

5.5CVSS

5.9AI Score

0.002EPSS

2024-06-11 10:03 PM
2
cbl_mariner

CVE-2022-0529 affecting package unzip 6.0-19

CVE-2022-0529 affecting package unzip 6.0-19. No patch is available...

5.5CVSS

5.9AI Score

0.002EPSS

2024-06-11 10:03 PM
3
slackware

[slackware-security] cups

New cups packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.9-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: When starting the cupsd server with a...

4.4CVSS

7.3AI Score

EPSS

2024-06-11 09:55 PM
hackread

TellYouThePass Ransomware Exploits Critical PHP Flaw, Patch NOW

Urgent alert for PHP users: Update your server immediately to protect against the newly exploited CVE-2024-4577 by...

9.8CVSS

7AI Score

0.249EPSS

2024-06-11 09:46 PM
cvelist

CVE-2024-35225 Jupyter Server Proxy has a reflected XSS issue in host parameter

Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting (XSS) issue. The /proxy endpoint accepts a host path...

9.6CVSS

EPSS

2024-06-11 09:45 PM
1
github

Jupyter Server Proxy has a reflected XSS issue in host parameter

Impact There is a reflected cross-site scripting (XSS) issue in jupyter-server-proxy[1]. The /proxy endpoint accepts a host path segment in the format /proxy/<host>. When this endpoint is called with an invalid host value, jupyter-server-proxy replies with a response that includes the value o...

9.6CVSS

5.8AI Score

EPSS

2024-06-11 09:12 PM
osv

Jupyter Server Proxy has a reflected XSS issue in host parameter

Impact There is a reflected cross-site scripting (XSS) issue in jupyter-server-proxy[1]. The /proxy endpoint accepts a host path segment in the format /proxy/<host>. When this endpoint is called with an invalid host value, jupyter-server-proxy replies with a response that includes the value o...

9.6CVSS

6AI Score

EPSS

2024-06-11 09:12 PM
wolfi

CVE-2024-31080 vulnerabilities

Vulnerabilities for packages:...

7.3CVSS

7.1AI Score

0.0005EPSS

2024-06-11 09:08 PM
26
wolfi

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: wolfictl, goreleaser, aactl, melange, apko, flux-source-controller, gitsign, tkn, slsa-verifier, skaffold, falcoctl, ko, falco, vexctl, policy-controller, neuvector-sigstore-interface, kubescape, zot, tekton-chains, zarf,...

7.5AI Score

2024-06-11 09:08 PM
60
wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: cloudflared, kots, dex, sops, flux-kustomize-controller, cosign, tekton-pipelines, aactl, flux-source-controller, gitsign, cilium-envoy, vault, keda, kyverno, oauth2-proxy, external-secrets-operator, tkn, rekor, slsa-verifier, fulcio, traefik, argo-workflows,...

7.5AI Score

2024-06-11 09:08 PM
322
wolfi

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: conftest, loki, wolfictl, datadog-agent, crossplane, kaniko, syft, cadvisor, goreleaser, docker-compose, buildkitd, aactl, melange, buf, tkn, kargo, prometheus, dagger, ko, grype, trivy, kubescape, zot, telegraf, ctop, spire-server,...

7.5AI Score

2024-06-11 09:08 PM
118
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: doppler-kubernetes-operator, envoy-ratelimit, nodetaint, kubernetes-csi-external-attacher, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, kubernetes-csi-external-snapshotter, haproxy-ingress, go-licenses, secrets-store-csi-driver-provider-azure, tctl,...

7.8AI Score

0.0004EPSS

2024-06-11 09:08 PM
167
wolfi

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: vault, kine, caddy, keda, kots, kube-bench, temporal-server, amass, k3s, spicedb, telegraf, src, trillian, step-ca, argo-workflows,...

9.8CVSS

9.7AI Score

0.0004EPSS

2024-06-11 09:08 PM
106
wolfi

CVE-2024-21506 vulnerabilities

Vulnerabilities for packages: datadog-agent, py3-pymongo,...

5.5AI Score

0.0004EPSS

2024-06-11 09:08 PM
34
wolfi

GHSA-VQ7J-GX56-RXJH vulnerabilities

Vulnerabilities for packages: kind, falco,...

7.5AI Score

2024-06-11 09:08 PM
149
wolfi

CVE-2024-28219 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-pillow,...

6.7CVSS

7AI Score

0.0004EPSS

2024-06-11 09:08 PM
33
wolfi

GHSA-M87M-MMVP-V9QM vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-11 09:08 PM
2
wolfi

CVE-2024-21885 vulnerabilities

Vulnerabilities for packages:...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-11 09:08 PM
39
wolfi

GHSA-49WX-9H9F-8C9G vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-11 09:08 PM
31
wolfi

CVE-2024-21886 vulnerabilities

Vulnerabilities for packages:...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-11 09:08 PM
39
wolfi

CVE-2024-20994 vulnerabilities

Vulnerabilities for packages:...

5.3CVSS

6.1AI Score

0.0004EPSS

2024-06-11 09:08 PM
3
wolfi

CVE-2024-21047 vulnerabilities

Vulnerabilities for packages:...

4.9CVSS

6AI Score

0.0004EPSS

2024-06-11 09:08 PM
6
wolfi

CVE-2024-21062 vulnerabilities

Vulnerabilities for packages:...

4.9CVSS

6AI Score

0.0004EPSS

2024-06-11 09:08 PM
3
wolfi

GHSA-5XQ9-RCPJ-P52V vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-11 09:08 PM
2
wolfi

GHSA-88H4-JW57-85V9 vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-11 09:08 PM
4
wolfi

GHSA-R27R-5FWH-VXQW vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-11 09:08 PM
2
wolfi

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: conftest, loki, wolfictl, datadog-agent, crossplane, kaniko, syft, cadvisor, goreleaser, docker-compose, buildkitd, aactl, melange, buf, tkn, kargo, prometheus, dagger, ko, grype, trivy, kubescape, zot, telegraf, ctop, spire-server,...

5.9CVSS

5.9AI Score

0.0004EPSS

2024-06-11 09:08 PM
131
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: doppler-kubernetes-operator, envoy-ratelimit, nodetaint, kots, kubernetes-csi-external-attacher, cilium-cli, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, timestamp-authority, kubernetes-csi-external-snapshotter, haproxy-ingress,...

7.5AI Score

2024-06-11 09:08 PM
147
wolfi

GHSA-MRWW-27VC-GGHV vulnerabilities

Vulnerabilities for packages: vault, kine, caddy, keda, kots, kube-bench, temporal-server, amass, k3s, spicedb, telegraf, src, trillian, step-ca, argo-workflows,...

7.5AI Score

2024-06-11 09:08 PM
88
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: envoy-ratelimit, nodetaint, kots, kubernetes-csi-external-attacher, kubernetes-csi-livenessprobe, haproxy-ingress, tctl, scorecard, gitlab-runner, aactl, bom, wireguard-go, nri-prometheus, kyverno, mc, terraform, prometheus, cert-manager, skaffold, thanos, kpt,...

7.5CVSS

9AI Score

0.732EPSS

2024-06-11 09:08 PM
551
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: nodetaint, kubernetes-csi-external-attacher, cilium-cli, timestamp-authority, haproxy-ingress, tctl, supercronic, sops, ghaudit, wireguard-go, go-md2man, trillian, prometheus, thanos, pulumi-language-java, dagdotdev, restic, harbor-registry, spire-server, kubebuilder,....

6.8AI Score

0.0004EPSS

2024-06-11 09:08 PM
48
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-attacher, cilium-cli, node-feature-discovery, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, kubernetes-csi-external-snapshotter, go-licenses, secrets-store-csi-driver-provider-azure, snyk-cli, k3d, harbor-scanner-trivy, mkcert,...

6.5AI Score

0.0004EPSS

2024-06-11 09:08 PM
14
wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-attacher, cilium-cli, node-feature-discovery, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, kubernetes-csi-external-snapshotter, go-licenses, secrets-store-csi-driver-provider-azure, snyk-cli, k3d, harbor-scanner-trivy, mkcert,...

7.5AI Score

2024-06-11 09:08 PM
11
wolfi

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: metrics-server, go-licenses, k3d, kubernetes-dashboard-metrics-scraper, hey, cni-plugins, sops, cass-operator, scorecard, aws-flb-kinesis, goreleaser, oras, protoc-gen-go-grpc, aws-flb-firehose, docker-credential-ecr-login, influx, smarter-device-manager, gops, aactl,....

7.5CVSS

7.9AI Score

0.001EPSS

2024-06-11 09:08 PM
55
wolfi

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: nodetaint, kots, kubernetes-csi-external-attacher, kubernetes-csi-livenessprobe, kubernetes-csi-external-snapshotter, haproxy-ingress, tctl, k3d, gitlab-runner, aactl, bom, wireguard-go, nri-prometheus, kyverno, mc, k8sgpt-operator, terraform, trillian, prometheus,...

6.1CVSS

7.2AI Score

0.001EPSS

2024-06-11 09:08 PM
89
wolfi

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: kots, cilium-cli, haproxy-ingress, go-licenses, secrets-store-csi-driver-provider-azure, k3d, sops, scorecard, gitlab-runner, libssh2, libssh, aactl, local-path-provisioner, bom, gitsign, dockerize, wireguard-go, kyverno, terraform, kubernetes-event-exporter,...

5.9CVSS

7.1AI Score

0.962EPSS

2024-06-11 09:08 PM
124
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: doppler-kubernetes-operator, envoy-ratelimit, nodetaint, kots, kubernetes-csi-external-attacher, cilium-cli, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, timestamp-authority, kubernetes-csi-external-snapshotter, haproxy-ingress,...

6.6AI Score

0.0004EPSS

2024-06-11 09:08 PM
26
wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: doppler-kubernetes-operator, envoy-ratelimit, nodetaint, kubernetes-csi-external-attacher, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, kubernetes-csi-external-snapshotter, haproxy-ingress, go-licenses, secrets-store-csi-driver-provider-azure, tctl,...

7.8AI Score

0.0004EPSS

2024-06-11 09:08 PM
36
wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: doppler-kubernetes-operator, envoy-ratelimit, nodetaint, kubernetes-csi-external-attacher, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, kubernetes-csi-external-snapshotter, haproxy-ingress, go-licenses, secrets-store-csi-driver-provider-azure, tctl,...

7.5AI Score

2024-06-11 09:08 PM
25
wolfi

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: az, jwt-tool, k8s-sidecar, kubeflow-volumes-web-app, py3-cassandra-medusa, kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, kubeflow-pipelines, datadog-agent, ggshield, dask-gateway, py3.10-tensorflow-core, confluent-docker-utils, py3-idna,...

7.5AI Score

2024-06-11 09:08 PM
30
wolfi

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: az, jwt-tool, k8s-sidecar, kubeflow-volumes-web-app, py3-cassandra-medusa, kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, kubeflow-pipelines, datadog-agent, ggshield, dask-gateway, py3.10-tensorflow-core, confluent-docker-utils, py3-idna,...

7.8AI Score

EPSS

2024-06-11 09:08 PM
25
Total number of security vulnerabilities: 641459