Defender Security – Malware Scanner, Login Security & Firewall Security Vulnerabilities

Arid Viper’s AridSpy Trojan Hits Android Users in Palestine, Egypt

Android users in Egypt and Palestine beware! Arid Viper is distributing malicious third-party apps hiding the AridSpy trojan! Learn how this malware steals your data and how to protect...

Exploit for CVE-2024-36837

CVE-2024-36837 POC write URL in url.txt and run...

produktsuche.riadrive.de Cross Site Scripting vulnerability OBB-3935466

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: syft, neuvector-scanner, wolfictl, kaniko, dagger, tekton-pipelines, k3d, helm-push, docker-compose, policy-controller, melange, prometheus, docker, cri-tools, buf, grype,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: nerdctl, nodetaint, zarf, external-dns, grafana-operator, kubeflow-pipelines, cosign, cert-exporter, istio-cni, ctop, vault-csi-provider, kubeadm-bootstrap-controller, prometheus-node-exporter, buf, jaeger-agent, kubernetes-csi-node-driver-registrar,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: newrelic-prometheus-configurator, cert-exporter, confluent-common-docker, vault-csi-provider, nri-rabbitmq, jaeger-agent, nvidia-device-plugin, gitlab-logger, up, mage, newrelic-nri-statsd, nri-discovery-kubernetes, istio-operator, gobuster, kustomize, ipfs, argo-cd,.....

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: wire-go, go-bindata, bom, docker-credential-acr-env, logstash, external-dns, grafana-operator, newrelic-prometheus-configurator, cosign, docker-credential-ecr-login, kafka_exporter, ksops, cert-exporter, confluent-common-docker, ctop, kubecolor,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: wire-go, go-bindata, bom, docker-credential-acr-env, logstash, external-dns, grafana-operator, newrelic-prometheus-configurator, cosign, docker-credential-ecr-login, kafka_exporter, ksops, cert-exporter, confluent-common-docker, ctop, kubecolor,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: newrelic-prometheus-configurator, cert-exporter, confluent-common-docker, ctop, vault-csi-provider, nri-rabbitmq, jaeger-agent, nvidia-device-plugin, gitlab-logger, up, mage, newrelic-nri-statsd, wolfictl, nri-discovery-kubernetes, istio-operator, gobuster, kustomize,....

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: goreleaser, sops, go-bindata, docker-cli, scorecard, k3d, docker-credential-ecr-login, ctop, cortex, go-md2man, gitlab-logger, hey, render-template, mage, nri-discovery-kubernetes, cni-plugins, prometheus-stackdriver-exporter, cilium-envoy, flannel-cni-plugin,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

CVE-2024-32473 vulnerabilities

Vulnerabilities for packages: syft, neuvector-scanner, wolfictl, kaniko, dagger, tekton-pipelines, k3d, helm-push, docker-compose, policy-controller, melange, prometheus, docker, cri-tools, buf, grype,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: nerdctl, nodetaint, zarf, external-dns, grafana-operator, kubeflow-pipelines, cosign, cert-exporter, istio-cni, ctop, vault-csi-provider, kubeadm-bootstrap-controller, prometheus-node-exporter, buf, jaeger-agent, kubernetes-csi-node-driver-registrar,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: newrelic-prometheus-configurator, cert-exporter, confluent-common-docker, vault-csi-provider, nri-rabbitmq, jaeger-agent, nvidia-device-plugin, gitlab-logger, up, mage, newrelic-nri-statsd, nri-discovery-kubernetes, istio-operator, gobuster, kustomize, ipfs, argo-cd,.....

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: newrelic-prometheus-configurator, cert-exporter, confluent-common-docker, ctop, vault-csi-provider, nri-rabbitmq, jaeger-agent, nvidia-device-plugin, gitlab-logger, up, mage, newrelic-nri-statsd, wolfictl, nri-discovery-kubernetes, istio-operator, gobuster, kustomize,....

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: wire-go, go-bindata, bom, docker-credential-acr-env, logstash, external-dns, grafana-operator, newrelic-prometheus-configurator, cosign, docker-credential-ecr-login, kafka_exporter, ksops, cert-exporter, confluent-common-docker, ctop, kubecolor,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: goreleaser, sops, go-bindata, docker-cli, scorecard, k3d, docker-credential-ecr-login, ctop, cortex, go-md2man, gitlab-logger, hey, render-template, mage, nri-discovery-kubernetes, cni-plugins, prometheus-stackdriver-exporter, cilium-envoy, flannel-cni-plugin,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: newrelic-prometheus-configurator, cert-exporter, confluent-common-docker, ctop, vault-csi-provider, nri-rabbitmq, jaeger-agent, nvidia-device-plugin, gitlab-logger, up, mage, newrelic-nri-statsd, wolfictl, nri-discovery-kubernetes, istio-operator, gobuster, kustomize,....

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: goreleaser, sops, go-bindata, docker-cli, scorecard, k3d, docker-credential-ecr-login, ctop, cortex, go-md2man, gitlab-logger, hey, render-template, mage, nri-discovery-kubernetes, cni-plugins, prometheus-stackdriver-exporter, cilium-envoy, flannel-cni-plugin,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: goreleaser, sops, go-bindata, docker-cli, scorecard, k3d, docker-credential-ecr-login, ctop, cortex, go-md2man, gitlab-logger, hey, render-template, mage, nri-discovery-kubernetes, cni-plugins, prometheus-stackdriver-exporter, cilium-envoy, flannel-cni-plugin,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: wire-go, go-bindata, bom, docker-credential-acr-env, logstash, external-dns, grafana-operator, newrelic-prometheus-configurator, cosign, docker-credential-ecr-login, kafka_exporter, ksops, cert-exporter, confluent-common-docker, ctop, kubecolor,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: newrelic-prometheus-configurator, cert-exporter, confluent-common-docker, ctop, vault-csi-provider, nri-rabbitmq, jaeger-agent, nvidia-device-plugin, gitlab-logger, up, mage, newrelic-nri-statsd, wolfictl, nri-discovery-kubernetes, istio-operator, gobuster, kustomize,....

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: wire-go, nri-apache, nerdctl, go-bindata, bom, docker-credential-acr-env, newrelic-prometheus-configurator, external-dns, grafana-operator, kubeflow-pipelines, nodetaint, docker-credential-ecr-login, cert-exporter, controller-gen, ctop, vault-csi-provider,...

clippie.ca Cross Site Scripting vulnerability OBB-3935464

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

mlbdm.org Open Redirect vulnerability OBB-3935462

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

nycecpdi.org Cross Site Scripting vulnerability OBB-3935461

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

mangatx.to Cross Site Scripting vulnerability OBB-3935460

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

presentdaze.co.uk Cross Site Scripting vulnerability OBB-3935455

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

pbgroup.com Cross Site Scripting vulnerability OBB-3935454

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

openconstructionbuildingtechnologyjournal.com Cross Site Scripting vulnerability OBB-3935453

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

ganitcharcha.com Cross Site Scripting vulnerability OBB-3935450

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

hotrodhobbies.com Cross Site Scripting vulnerability OBB-3935447

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

aytodestriana.es Cross Site Scripting vulnerability OBB-3935443

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

twoontwo.blog.fc2.com Cross Site Scripting vulnerability OBB-3935440

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

velopressecollection.ouest-france.fr Cross Site Scripting vulnerability OBB-3935441

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

nya-nya-train.fc2.net Cross Site Scripting vulnerability OBB-3935432

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-6007

A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /protocol/iscgwtunnel/deleteiscgwrouteconf.php. The manipulation of the argument messagecontent leads to sql injection. It is possible to initiate...

CVE-2024-6007

A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /protocol/iscgwtunnel/deleteiscgwrouteconf.php. The manipulation of the argument messagecontent leads to sql injection. It is possible to initiate...

manakahuna.grupo.jp Cross Site Scripting vulnerability OBB-3935428

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

lousalome.brownpapertickets.com Cross Site Scripting vulnerability OBB-3935427

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

kids.gyozi.net Cross Site Scripting vulnerability OBB-3935425

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

katorifp.grupo.jp Cross Site Scripting vulnerability OBB-3935424

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...