Controllers For Zoom Rooms (for Android, IOS, And Windows) Security Vulnerabilities

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

smoothways.net Cross Site Scripting vulnerability OBB-3932443

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

yalebooks.co.uk Cross Site Scripting vulnerability OBB-3932442

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-4148 Redos (Regular Expression Denial of Service) in lunary-ai/lunary

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary application, version 1.2.10. An attacker can exploit this vulnerability by maliciously manipulating regular expressions, which can significantly impact the response time of the application and potentially...

forum-startup-chemie.de Cross Site Scripting vulnerability OBB-3932439

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

chemicalparks.com Cross Site Scripting vulnerability OBB-3932438

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

dechemax.de Cross Site Scripting vulnerability OBB-3932436

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: flux-source-controller, sops, terragrunt, oauth2-proxy, dex, fulcio, kyverno, cert-manager, cilium-envoy, falco, tekton-chains, traefik, vault, vexctl, cloudflared, istio-pilot-discovery, aactl, kubescape, argo-workflows, tekton-pipelines, slsa-verifier,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: flannel, metrics-server, sigstore-scaffolding, gitlab-runner, temporal-ui-server, configmap-reload, influx, opentofu, policy-controller, supercronic, tekton-chains, stakater-reloader, hugo-extended, hubble, prometheus-alertmanager, vault, gitness, temporal,...

CVE-2023-38470 vulnerabilities

Vulnerabilities for packages:...

GHSA-5QM6-J92F-79JP vulnerabilities

Vulnerabilities for packages:...

CVE-2024-26130 vulnerabilities

Vulnerabilities for packages: ggshield, py3-cryptography, kubeflow-pipelines, py3-cassandra-medusa,...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: dagger, docker-compose, kaniko, prometheus, melange, harbor-scanner-trivy, syft, policy-controller, cri-tools, grype, docker, helm-push, k3d, wolfictl, buf, tekton-pipelines,...

GHSA-VR64-R9QJ-H27F vulnerabilities

Vulnerabilities for packages:...

CVE-2024-29131 vulnerabilities

Vulnerabilities for packages: neo4j, cassandra-reaper,...

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: flux-source-controller, flux-helm-controller, eksctl, helm-operator, up, zarf, chartmuseum, zot, cert-manager, istio-operator, k8sgpt, kubescape, cilium-cli, helm-push, k9s, kots,...

CVE-2024-1597 vulnerabilities

Vulnerabilities for packages: dependency-track, keycloak,...

GHSA-GVPG-VGMX-XG6W vulnerabilities

Vulnerabilities for packages:...

CVE-2020-15136 vulnerabilities

Vulnerabilities for packages:...

GHSA-J86V-2VJR-FG8F vulnerabilities

Vulnerabilities for packages:...

GHSA-PM3M-32R3-7MFH vulnerabilities

Vulnerabilities for packages:...

GHSA-WR2V-9RPQ-C35Q vulnerabilities

Vulnerabilities for packages:...

GHSA-77RM-9X9H-XJ3G vulnerabilities

Vulnerabilities for packages:...

CVE-2023-24540 vulnerabilities

Vulnerabilities for packages: go, go-fips,...

CVE-2024-26141 vulnerabilities

Vulnerabilities for packages: ruby3.2-rack, logstash,...

CVE-2023-41419 vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app,...

GHSA-2G68-C3QC-8985 vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-werkzeug, superset, kubeflow-volumes-web-app,...

CVE-2024-34069 vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-werkzeug, superset, kubeflow-volumes-web-app,...

GHSA-84PR-M4JR-85G5 vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, kubeflow-volumes-web-app,...

CVE-2024-28219 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, pytorch,...

CVE-2023-42282 vulnerabilities

Vulnerabilities for packages: node-gyp, renovate, sqlpad, npm,...

GHSA-GHR5-CH3P-VCR6 vulnerabilities

Vulnerabilities for packages:...

CVE-2022-36227 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-2804 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-6918 vulnerabilities

Vulnerabilities for packages:...

GHSA-F35J-MFVW-P857 vulnerabilities

Vulnerabilities for packages:...

GHSA-J7HP-H8JX-5PPR vulnerabilities

Vulnerabilities for packages:...

CVE-2023-40577 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, loki,...

GHSA-88CC-G835-76RP vulnerabilities

Vulnerabilities for packages:...

CVE-2023-28434 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-34517 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-30588 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-30590 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-30589 vulnerabilities

Vulnerabilities for packages:...

GHSA-G526-X7VJ-CFV6 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-32006 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-27980 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-30582 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-30584 vulnerabilities

Vulnerabilities for packages:...