Updated nano packages fix security vulnerability
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges....
4.7CVSS
7.6AI Score
0.0004EPSS
Updated atril packages fix security vulnerability
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user....
8.5CVSS
7.5AI Score
0.005EPSS
Updated nss & firefox packages fix security vulnerabilities
Use-after-free in networking. (CVE-2024-5702) Use-after-free in JavaScript object transplant. (CVE-2024-5688) External protocol handlers leaked by timing attack. (CVE-2024-5690) Sandboxed iframes were able to bypass sandbox restrictions to open a new window. (CVE-2024-5691) Cross-Origin Image leak....
7.9AI Score
0.0004EPSS
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially...
7.9AI Score
EPSS
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially...
EPSS
Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules...
6.8AI Score
EPSS
Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules...
EPSS
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially...
EPSS
Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today...
7.8AI Score
ectm.fr Cross Site Scripting vulnerability OBB-3935473
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
toutembal.fr Cross Site Scripting vulnerability OBB-3935472
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
7.5AI Score
7.5AI Score
7.2AI Score
0.0004EPSS
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: k9s, kots, zot, trivy, helm-push, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-operator, k8sgpt, up, zarf, flux-helm-controller, cert-manager, istio-operator,...
6.4CVSS
6.7AI Score
0.0004EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: kubevela, gitness, newrelic-infrastructure-agent, cert-manager, helm, ctop, k3d, kubescape, melange, up, fuse-overlayfs-snapshotter, eksctl, zot, trivy, cilium-cli, flux-source-controller, kaniko, telegraf, kots, helm-push, tekton-pipelines, grype, neuvector-agent,...
7.5AI Score
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: k9s, kots, zot, trivy, helm-push, kubescape, cilium-cli, flux-source-controller, chartmuseum, helm-operator, k8sgpt, up, zarf, flux-helm-controller, cert-manager, istio-operator,...
7.5AI Score
7.5AI Score
0.0004EPSS
7.5AI Score
8.9AI Score
0.0005EPSS
7.5AI Score
7.5AI Score
7.1AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
7.8CVSS
7.5AI Score
0.001EPSS
7.2AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
7.5AI Score
5.3CVSS
7.5AI Score
0.001EPSS
CVE-2024-21506 vulnerabilities
Vulnerabilities for packages: datadog-agent, kubeflow-pipelines-visualization-server,...
5.5AI Score
0.0004EPSS
6.5CVSS
7.1AI Score
0.003EPSS
7.5AI Score
7.5CVSS
7.9AI Score
0.001EPSS
6.8AI Score
0.0005EPSS
7.5AI Score
0.0004EPSS
6CVSS
7.2AI Score
0.0004EPSS
CVE-2024-24579 vulnerabilities
Vulnerabilities for packages: k9s, kubescape, wolfictl, syft, grype,...
9.8CVSS
7.6AI Score
0.001EPSS
GHSA-HPXR-W9W7-G4GV vulnerabilities
Vulnerabilities for packages: k9s, kubescape, wolfictl, syft, grype,...
7.5AI Score
7.2CVSS
7.7AI Score
0.002EPSS
8CVSS
7.2AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score