Secure Your Containerized Environments with Qualys Containerized Scanner Appliance (QCSA)
IT has undergone a series of significant shifts over the years, from physical infrastructure to virtual, and how infrastructure was managed and maintained. This shift led IT through the digital transformation era, introducing various types of clouds and “As-a-Service” models. Although...
7AI Score
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in __mptcp_push_pending() __mptcp_push_pending() may call mptcp_flush_join_list() with subflow socket lock held. If such call hits mptcp_sockopt_sync_all() then subsequently __mptcp_sockopt_sync() could try to.....
0.0004EPSS
Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024
Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but lack integration. Top Cybersecurity Challenges: Discuss the main challenges MSPs face, including...
7AI Score
Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. "The attackers placed backdoors on the networks of targeted companies and also attempted to steal...
9.1CVSS
7.4AI Score
0.975EPSS
0.0004EPSS
Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for...
6.8CVSS
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf...
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf...
7.4AI Score
Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for...
6.8CVSS
6.9AI Score
Summary There are vulnerabilities in IBM WebSphere Application Server Liberty related packages that are shipped with IBM TXSeries for Multiplatforms. The version of IBM WebSphere Application Server Liberty shipped with IBM TXSeries for Multiplatforms has been updated to address the applicable...
7.5CVSS
7AI Score
0.0004EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: kubescape, minio, aws-ebs-csi-driver, flux-helm-controller, ip-masq-agent, kubernetes-dashboard, prometheus-pushgateway, skopeo, argo-cd, grafana, rqlite, spicedb, temporal-server, ctop, istio-cni, clusterctl, cri-tools, kor, kubernetes-csi-livenessprobe, trillian,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: minio, aws-ebs-csi-driver, flux-helm-controller, ip-masq-agent, kubernetes-dashboard, prometheus-pushgateway, kubebuilder, argo-cd, dataplaneapi, yam, rqlite, tailscale, petname, temporal-server, ctop, clusterctl, cri-tools, kor, aws-flb-firehose,...
7.8AI Score
0.0004EPSS
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: telegraf, amass, kube-bench, argo-workflows, ferretdb, kine, kots, caddy, vault, keda, step-ca, trillian, k3s, spicedb, temporal-server,...
9.8CVSS
9.7AI Score
0.0004EPSS
CVE-2024-28219 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, pytorch,...
6.7CVSS
7AI Score
0.0004EPSS
CVE-2024-21506 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-pymongo,...
6.7AI Score
0.0004EPSS
GHSA-MQ39-4GV4-MVPX vulnerabilities
Vulnerabilities for packages: kubescape, telegraf, loki, conftest, docker-compose, dagger, buildkitd, wolfictl, ctop, up, zot, kaniko, cadvisor, aactl, grype, crossplane, buf, trivy, goreleaser, melange, ko, spire-server, syft, tkn, kargo, prometheus,...
7.5AI Score
GHSA-MRWW-27VC-GGHV vulnerabilities
Vulnerabilities for packages: telegraf, amass, kube-bench, argo-workflows, ferretdb, kine, kots, caddy, vault, keda, step-ca, trillian, k3s, spicedb, temporal-server,...
7.5AI Score
CVE-2024-29018 vulnerabilities
Vulnerabilities for packages: kubescape, telegraf, loki, conftest, docker-compose, dagger, buildkitd, wolfictl, ctop, up, zot, kaniko, cadvisor, aactl, grype, crossplane, buf, trivy, goreleaser, melange, ko, spire-server, syft, tkn, kargo, prometheus,...
5.9CVSS
5.9AI Score
0.0004EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: kubescape, kyverno, tekton-pipelines, cosign, slsa-verifier, argo-cd, falco, gitsign, flux-kustomize-controller, cilium-envoy, kots, vault, cert-manager, istio-pilot-discovery, traefik, aactl, sops, tekton-chains, argo-workflows, dex, terragrunt, oauth2-proxy, fulcio,....
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: kubescape, minio, ip-masq-agent, flux-helm-controller, argo-cd, rqlite, kubernetes-csi-livenessprobe, external-dns, aactl, grype, secrets-store-csi-driver-provider-gcp, tomcat, opentofu, cluster-autoscaler, goreleaser, prometheus-bind-exporter,...
7.5CVSS
9AI Score
0.732EPSS
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: kubescape, slsa-verifier, neuvector-sigstore-interface, policy-controller, falco, gitsign, skaffold, wolfictl, falcoctl, zot, aactl, tekton-chains, apko, goreleaser, melange, flux-source-controller, vexctl, ko, spire-server, tkn,...
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: kubescape, ip-masq-agent, skopeo, dataplaneapi, yam, rqlite, litestream, spicedb, clusterctl, crane, aws-flb-firehose, neuvector-scanner, prometheus-redis-exporter, external-dns, hubble, crossplane-provider-aws, prometheus-postgres-exporter, argo-workflows,...
6.8AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: kubescape, aws-ebs-csi-driver, ip-masq-agent, mkcert, kubernetes-dashboard, skopeo, kubebuilder, litestream, logstash, petname, spicedb, tempo, ctop, harbor-cli, clusterctl, kafka_exporter, cri-tools, crane, kubernetes-csi-livenessprobe, gobump, neuvector-scanner,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: kubescape, aws-ebs-csi-driver, ip-masq-agent, mkcert, kubernetes-dashboard, skopeo, kubebuilder, litestream, logstash, petname, spicedb, tempo, ctop, harbor-cli, clusterctl, kafka_exporter, cri-tools, crane, kubernetes-csi-livenessprobe, gobump, neuvector-scanner,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: kubescape, ip-masq-agent, skopeo, dataplaneapi, yam, litestream, spicedb, ctop, clusterctl, crane, aws-flb-firehose, neuvector-scanner, prometheus-redis-exporter, external-dns, crossplane-provider-aws, grafana-mimir, prometheus-postgres-exporter, argo-workflows,...
5.5CVSS
6.1AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: kind, cass-operator, go-licenses, ip-masq-agent, slsa-verifier, nats, sonobuoy, grpcurl, cortex, smarter-device-manager, render-template, falco, petname, ctop, cilium-envoy, gke-gcloud-auth-plugin, kubernetes-dashboard-metrics-scraper, vertical-pod-autoscaler, amass,.....
7.5CVSS
7.9AI Score
0.001EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: kubescape, flux-helm-controller, kubernetes-dashboard, skopeo, argo-cd, grafana, rqlite, temporal-server, istio-cni, trillian, external-dns, k3s, crossplane-provider-aws, aactl, grype, sops, prometheus-postgres-exporter, argo-workflows, src-fingerprint, k3d, buf,...
5.9CVSS
7.1AI Score
0.962EPSS
Vulnerabilities for packages: minio, aws-ebs-csi-driver, flux-helm-controller, prometheus-pushgateway, kubernetes-dashboard, argo-cd, rqlite, kubernetes-csi-livenessprobe, trillian, external-dns, k3s, kubernetes-csi-external-snapshotter, crossplane-provider-aws, aactl,...
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: kubescape, minio, aws-ebs-csi-driver, flux-helm-controller, ip-masq-agent, kubernetes-dashboard, prometheus-pushgateway, skopeo, argo-cd, grafana, rqlite, spicedb, temporal-server, ctop, istio-cni, clusterctl, cri-tools, kor, kubernetes-csi-livenessprobe, trillian,...
6.7AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: minio, aws-ebs-csi-driver, flux-helm-controller, ip-masq-agent, kubernetes-dashboard, prometheus-pushgateway, kubebuilder, argo-cd, dataplaneapi, yam, rqlite, tailscale, petname, temporal-server, ctop, clusterctl, cri-tools, kor, aws-flb-firehose,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: minio, aws-ebs-csi-driver, flux-helm-controller, ip-masq-agent, kubernetes-dashboard, prometheus-pushgateway, kubebuilder, argo-cd, dataplaneapi, yam, rqlite, tailscale, petname, temporal-server, ctop, clusterctl, cri-tools, kor, aws-flb-firehose,...
7.5AI Score
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: ksops, kyverno, telegraf, loki, tekton-pipelines, timestamp-authority, cosign, k8sgpt, hugo, thanos, cortex, sigstore-scaffolding, grafana, policy-controller, harbor-registry, tempo, falcoctl, flux-kustomize-controller, rclone, flyte, up, py3-cassandra-medusa,...
5.5CVSS
6.1AI Score
0.0004EPSS
GHSA-M5VV-6R4H-3VJ9 vulnerabilities
Vulnerabilities for packages: ksops, kyverno, telegraf, loki, tekton-pipelines, timestamp-authority, cosign, k8sgpt, hugo, thanos, cortex, sigstore-scaffolding, grafana, policy-controller, harbor-registry, tempo, falcoctl, flux-kustomize-controller, rclone, flyte, up, py3-cassandra-medusa,...
7.5AI Score
Vulnerabilities for packages: k8s-sidecar, az, py3.10-tensorflow-core, dask-gateway, kubeflow-volumes-web-app, jwt-tool, kubeflow-jupyter-web-app, kubeflow-pipelines, py3-cassandra-medusa, ggshield, kubeflow-pipelines-visualization-server, kubeflow-katib, py3-idna, confluent-docker-utils,...
7AI Score
GHSA-JJG7-2V4V-X38H vulnerabilities
Vulnerabilities for packages: k8s-sidecar, az, py3.10-tensorflow-core, dask-gateway, kubeflow-volumes-web-app, jwt-tool, kubeflow-jupyter-web-app, kubeflow-pipelines, py3-cassandra-medusa, ggshield, kubeflow-pipelines-visualization-server, kubeflow-katib, py3-idna, confluent-docker-utils,...
7.5AI Score