CVE-2024-37293 aws-deployment-framework's potential risk can lead to privilege escalation
The AWS Deployment Framework (ADF) is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations....
7.5CVSS
EPSS
Missing Authorization vulnerability in Codection Import and export users and customers. This issue affects Import and export users and customers: from n/a through...
5.4CVSS
EPSS
Missing Authorization vulnerability in Codection Import and export users and customers. This issue affects Import and export users and customers: from n/a through...
5.4CVSS
7AI Score
EPSS
A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API...
3.3CVSS
EPSS
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server...
5.9CVSS
EPSS
A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API...
3.3CVSS
4AI Score
EPSS
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server...
5.9CVSS
5.6AI Score
EPSS
CVE-2024-5812 Smart Rule Overwrite Bypass in BeyondInsight PasswordSafe
A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API...
3.3CVSS
EPSS
CVE-2024-5813 SSH Private Key Leak in BeyondInsight PasswordSafe
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server...
5.9CVSS
EPSS
CVE-2021-28543 affecting package varnish-modules 0.16.0-4
CVE-2021-28543 affecting package varnish-modules 0.16.0-4. This CVE either no longer is or was never...
7.5CVSS
7AI Score
0.002EPSS
7.5AI Score
9.8CVSS
9.7AI Score
0.002EPSS
CVE-2024-34069 vulnerabilities
Vulnerabilities for packages: py3.10-tensorflow-core, kubeflow-volumes-web-app, superset, py3-werkzeug,...
7.5CVSS
7.7AI Score
0.0004EPSS
GHSA-2G68-C3QC-8985 vulnerabilities
Vulnerabilities for packages: py3.10-tensorflow-core, kubeflow-volumes-web-app, superset, py3-werkzeug,...
7.5AI Score
GHSA-84PR-M4JR-85G5 vulnerabilities
Vulnerabilities for packages: kubeflow-volumes-web-app, kubeflow-jupyter-web-app,...
7.5AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src, temporal-ui-server, prometheus-adapter, sigstore-scaffolding, vertical-pod-autoscaler, grafana, istio-pilot-discovery, flux-source-controller, nuclei, skopeo, zarf, crossplane-provider-azure, trivy, etcd,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.8AI Score
0.0004EPSS
GHSA-G4MX-Q9VG-27P4 vulnerabilities
Vulnerabilities for packages: py3-urllib3, kubeflow-volumes-web-app, jwt-tool, py3-tensorflow-serving-api,...
7.5AI Score
GHSA-H75V-3VVJ-5MFJ vulnerabilities
Vulnerabilities for packages: py3-jinja2, reflex, kubeflow-volumes-web-app, pytorch, superset, confluent-docker-utils, kubeflow-jupyter-web-app,...
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: yq, src, temporal-ui-server, s5cmd, skopeo, nri-haproxy, gitsign, nvidia-device-plugin, secrets-store-csi-driver-provider-aws, esbuild, glab, q, zot, coredns, kyverno-policy-reporter-ui, vexctl, melange, prometheus-postgres-exporter, go-fips, cert-exporter,...
6.8AI Score
0.0004EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src, temporal-ui-server, prometheus-adapter, sigstore-scaffolding, vertical-pod-autoscaler, grafana, istio-pilot-discovery, flux-source-controller, nuclei, skopeo, zarf, crossplane-provider-azure, trivy, etcd,...
6.6AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.5AI Score
Vulnerabilities for packages: kubeflow-katib, kubeflow-volumes-web-app, py3.10-tensorflow-core, az, py3-cassandra-medusa, py3-idna, kubeflow-pipelines-visualization-server, datadog-agent, kubeflow-pipelines, ggshield, jwt-tool, confluent-docker-utils, k8s-sidecar, kubeflow-jupyter-web-app,...
7.8AI Score
EPSS
GHSA-JJG7-2V4V-X38H vulnerabilities
Vulnerabilities for packages: kubeflow-katib, kubeflow-volumes-web-app, py3.10-tensorflow-core, az, py3-cassandra-medusa, py3-idna, kubeflow-pipelines-visualization-server, datadog-agent, kubeflow-pipelines, ggshield, jwt-tool, confluent-docker-utils, k8s-sidecar, kubeflow-jupyter-web-app,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: yq, src, temporal-ui-server, s5cmd, skopeo, nri-haproxy, nvidia-device-plugin, secrets-store-csi-driver-provider-aws, glab, q, coredns, gops, kyverno-policy-reporter-ui, vexctl, prometheus-postgres-exporter, go-fips, cert-exporter, local-static-provisioner,...
6.7AI Score
0.0004EPSS
Vulnerabilities for packages: pulumi-language-yaml, yq, src, prometheus-adapter, sigstore-scaffolding, vertical-pod-autoscaler, dive, flux-source-controller, crossplane-provider-azure, kubernetes-csi-external-provisioner, kube-state-metrics, kube-fluentd-operator, prometheus-bind-exporter,...
6.1CVSS
7.2AI Score
0.001EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: src-fingerprint, src, temporal-ui-server, prometheus-adapter, sigstore-scaffolding, step, grafana, istio-pilot-discovery, flux-source-controller, skopeo, crossplane-provider-azure, trivy, kube-state-metrics, kube-fluentd-operator, prometheus-bind-exporter, eksctl,...
5.9CVSS
7.1AI Score
0.962EPSS
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: pulumi-language-yaml, falco, grafana, goreleaser, flux-source-controller, zarf, crossplane, flux-image-automation-controller, slsa-verifier, tekton-chains, kubevela, keda, flux-kustomize-controller, gitsign, pulumi, vault, boring-registry, sops, cosign, skaffold, tkn,....
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: yq, src, temporal-ui-server, s5cmd, skopeo, nri-haproxy, gitsign, nvidia-device-plugin, secrets-store-csi-driver-provider-aws, esbuild, glab, q, zot, coredns, kyverno-policy-reporter-ui, vexctl, melange, prometheus-postgres-exporter, go-fips, cert-exporter,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: yq, src, temporal-ui-server, s5cmd, skopeo, nri-haproxy, nvidia-device-plugin, secrets-store-csi-driver-provider-aws, glab, q, coredns, gops, kyverno-policy-reporter-ui, vexctl, prometheus-postgres-exporter, go-fips, cert-exporter, local-static-provisioner,...
6.7AI Score
0.0004EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: pulumi-language-yaml, yq, src, prometheus-adapter, sigstore-scaffolding, vertical-pod-autoscaler, dive, istio-pilot-discovery, flux-source-controller, crossplane-provider-azure, kubernetes-csi-external-provisioner, kube-state-metrics, kube-fluentd-operator,...
7.5CVSS
8.4AI Score
0.002EPSS
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.5AI Score
CVE-2024-34064 vulnerabilities
Vulnerabilities for packages: py3-jinja2, reflex, kubeflow-volumes-web-app, pytorch, superset, confluent-docker-utils, kubeflow-jupyter-web-app,...
5.4CVSS
5.8AI Score
0.0004EPSS
CVE-2023-45803 vulnerabilities
Vulnerabilities for packages: py3-urllib3, kubeflow-volumes-web-app, jwt-tool, py3-tensorflow-serving-api,...
4.2CVSS
7.1AI Score
0.0004EPSS
Vulnerabilities for packages: kubeflow-volumes-web-app, kubeflow-jupyter-web-app,...
5.3CVSS
5.5AI Score
0.0004EPSS
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: pulumi-language-yaml, yq, src, prometheus-adapter, sigstore-scaffolding, vertical-pod-autoscaler, dive, istio-pilot-discovery, flux-source-controller, crossplane-provider-azure, kubernetes-csi-external-provisioner, kube-state-metrics, kube-fluentd-operator,...
7.5AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: src-fingerprint, src, temporal-ui-server, prometheus-adapter, sigstore-scaffolding, step, grafana, istio-pilot-discovery, flux-source-controller, skopeo, crossplane-provider-azure, trivy, kube-state-metrics, kube-fluentd-operator, prometheus-bind-exporter, eksctl,...
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: pulumi-language-yaml, yq, src, prometheus-adapter, sigstore-scaffolding, vertical-pod-autoscaler, dive, flux-source-controller, crossplane-provider-azure, kubernetes-csi-external-provisioner, kube-state-metrics, kube-fluentd-operator, prometheus-bind-exporter,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.8AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.8AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.5AI Score
GHSA-9WX4-H78V-VM56 vulnerabilities
Vulnerabilities for packages: airflow, kubeflow-katib, kubeflow-volumes-web-app, py3.10-tensorflow-core, az, py3-cassandra-medusa, datadog-agent, kubeflow-pipelines, jwt-tool, mlflow, confluent-docker-utils, k8s-sidecar,...
7.5AI Score
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: yq, src, temporal-ui-server, s5cmd, skopeo, nri-haproxy, nvidia-device-plugin, secrets-store-csi-driver-provider-aws, glab, q, coredns, gops, kyverno-policy-reporter-ui, vexctl, prometheus-postgres-exporter, go-fips, cert-exporter, local-static-provisioner,...
7.5AI Score
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: yq, src, temporal-ui-server, s5cmd, skopeo, nri-haproxy, nvidia-device-plugin, secrets-store-csi-driver-provider-aws, glab, q, coredns, gops, kyverno-policy-reporter-ui, vexctl, prometheus-postgres-exporter, go-fips, cert-exporter, local-static-provisioner,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: kor, pulumi-language-yaml, src-fingerprint, src, temporal-ui-server, s5cmd, yq, prometheus-adapter, vertical-pod-autoscaler, dive, nuclei, crossplane-provider-azure, ytt, etcd, kubernetes-csi-external-provisioner, nri-redis, kube-state-metrics, kuberay-operator,...
7.8AI Score
0.0004EPSS
CVE-2023-46136 vulnerabilities
Vulnerabilities for packages: airflow, kubeflow-volumes-web-app, py3-werkzeug, py3-tensorflow-serving-api,...
8CVSS
7.9AI Score
0.001EPSS