Desktop & Server Management (DSM) Security Vulnerabilities

cve

CVE-2024-22232

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s...

7.7CVSS

7.3AI Score

EPSS

2024-06-27 07:15 AM
19
nvd

CVE-2024-22232

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s...

7.7CVSS

EPSS

2024-06-27 07:15 AM
1
alpinelinux

CVE-2024-22232 Specially crafted url can be created which leads to a directory traversal in the salt file server

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s...

7.7CVSS

7.4AI Score

EPSS

2024-06-27 06:54 AM
4
cvelist

CVE-2024-22232 Specially crafted url can be created which leads to a directory traversal in the salt file server

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s...

7.7CVSS

EPSS

2024-06-27 06:54 AM
2
ibm

Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2024-2511)

Summary IBM MQ Appliance has addressed an OpenSSL denial of service vulnerability. Vulnerability Details CVEID: CVE-2024-2511 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by improper server configuration validation. By using a specially crafted server configuration, a remote...

6.7AI Score

0.0004EPSS

2024-06-27 03:29 AM
6
ibm

Security Bulletin: IBM MQ Appliance is vulnerable to XML External Entity (XXE) injection and server-side request forgery (CVE-2024-22354 & CVE-2024-22329)

Summary IBM MQ Appliance has addressed XML External Entity (XXE) injection and server-side request forgery vulnerabilities. Vulnerability Details CVEID: CVE-2024-22354 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are.....

7CVSS

7.8AI Score

0.0004EPSS

2024-06-27 03:29 AM
4
ibm

Security Bulletin: IBM MQ Appliance vulnerable to "Terrapin" attack in OpenSSH (CVE-2023-48795)

Summary By manipulating sequence numbers during SSH connection setup, a MITM attacker can delete negotiation messages without causing a MAC failure. To mitigate this vulnerability, IBM MQ Appliance has removed the chacha20-poly1305 cipher and all etm HMACs from the default set of algorithms...

5.9CVSS

6.9AI Score

0.963EPSS

2024-06-27 03:28 AM
9
cve

CVE-2024-6054

The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with contributor-level and above....

8.8CVSS

8.9AI Score

EPSS

2024-06-27 03:15 AM
2
nvd

CVE-2024-6054

The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with contributor-level and above....

8.8CVSS

EPSS

2024-06-27 03:15 AM
3
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

7.8AI Score

0.0004EPSS

2024-06-27 03:08 AM
192
wolfi

GHSA-MRWW-27VC-GGHV vulnerabilities

Vulnerabilities for packages: amass, argo-workflows, step-ca, kine, vault, telegraf, kube-bench, trillian, spicedb, kots, k3s, ferretdb, keda, caddy, temporal-server,...

7.5AI Score

2024-06-27 03:08 AM
112
wolfi

CVE-2024-21506 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, datadog-agent,...

6.7AI Score

0.0004EPSS

2024-06-27 03:08 AM
45
wolfi

GHSA-VQ7J-GX56-RXJH vulnerabilities

Vulnerabilities for packages: kind, metrics-server,...

7.5AI Score

2024-06-27 03:08 AM
158
wolfi

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: melange, zarf, goreleaser, vexctl, spire-server, zot, falco, aactl, gitsign, tkn, policy-controller, tekton-chains, flux-source-controller, wolfictl, neuvector-sigstore-interface, skaffold, kubescape, falcoctl, ko, apko,...

7.5AI Score

2024-06-27 03:08 AM
88
wolfi

CVE-2024-6104 vulnerabilities

Vulnerabilities for packages: rook, flux-image-automation-controller, sops, kyverno, sigstore-scaffolding, grafana-mimir, consul, nuclei, kargo, gitlab-kas, tekton-pipelines, zarf, flux-kustomize-controller, goreleaser, guac, rabbitmq-messaging-topology-operator, pulumi, vexctl,...

6CVSS

6AI Score

0.0004EPSS

2024-06-27 03:08 AM
7
wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: sops, kyverno, vault, istio-pilot-discovery, traefik, tekton-pipelines, flux-kustomize-controller, vexctl, spire-server, fulcio, keda, external-secrets-operator, cilium-envoy, falco, argo-cd, dex, aactl, gitsign, kots, terragrunt, tkn, tekton-chains,...

7.5AI Score

2024-06-27 03:08 AM
347
wolfi

CVE-2024-28219 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-pillow,...

6.7CVSS

7AI Score

0.0004EPSS

2024-06-27 03:08 AM
43
wolfi

GHSA-M87M-MMVP-V9QM vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-27 03:08 AM
10
wolfi

CVE-2024-21885 vulnerabilities

Vulnerabilities for packages:...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-27 03:08 AM
45
wolfi

CVE-2024-21886 vulnerabilities

Vulnerabilities for packages:...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-27 03:08 AM
45
wolfi

GHSA-49WX-9H9F-8C9G vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-27 03:08 AM
44
wolfi

CVE-2024-31080 vulnerabilities

Vulnerabilities for packages:...

7.3CVSS

7.1AI Score

0.0005EPSS

2024-06-27 03:08 AM
38
wolfi

CVE-2024-20994 vulnerabilities

Vulnerabilities for packages:...

5.3CVSS

6.1AI Score

0.0004EPSS

2024-06-27 03:08 AM
8
wolfi

CVE-2024-21047 vulnerabilities

Vulnerabilities for packages:...

4.9CVSS

6AI Score

0.0004EPSS

2024-06-27 03:08 AM
13
wolfi

CVE-2024-21062 vulnerabilities

Vulnerabilities for packages:...

4.9CVSS

6AI Score

0.0004EPSS

2024-06-27 03:08 AM
12
wolfi

GHSA-5XQ9-RCPJ-P52V vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-27 03:08 AM
8
wolfi

GHSA-88H4-JW57-85V9 vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-27 03:08 AM
10
wolfi

GHSA-R27R-5FWH-VXQW vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-27 03:08 AM
9
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: gatekeeper, git-lfs, helm, prometheus-elasticsearch-exporter, cue, rqlite, tctl, tomcat, traefik, nvidia-device-plugin, pulumi, keda, flux-notification-controller, terraform-provider-aws, argo-cd, hey, gitness, spark-operator, kubernetes-csi-livenessprobe,...

7.5CVSS

9AI Score

0.732EPSS

2024-06-27 03:08 AM
610
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: gatekeeper, rook, melange, helm, prometheus-elasticsearch-exporter, ctop, hubble-ui, chartmuseum, newrelic-nri-kube-events, secrets-store-csi-driver-provider-aws, rqlite, vault, tctl, k8ssandra-operator, osv-scanner, traefik, grafana-agent-operator,...

7.5AI Score

2024-06-27 03:08 AM
182
wolfi

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: melange, ctop, trivy, kargo, cadvisor, docker-compose, up, goreleaser, conftest, spire-server, loki, kaniko, grype, datadog-agent, aactl, telegraf, crossplane, tkn, prometheus, buf, wolfictl, buildkitd, syft, kubescape, ko, zot,...

7.5AI Score

2024-06-27 03:08 AM
144
wolfi

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: melange, ctop, trivy, kargo, cadvisor, docker-compose, up, goreleaser, conftest, spire-server, loki, kaniko, grype, datadog-agent, aactl, telegraf, crossplane, tkn, prometheus, buf, wolfictl, buildkitd, syft, kubescape, ko, zot,...

5.9CVSS

6.1AI Score

0.0004EPSS

2024-06-27 03:08 AM
159
wolfi

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: amass, argo-workflows, step-ca, kine, vault, telegraf, kube-bench, trillian, spicedb, kots, k3s, ferretdb, keda, caddy, temporal-server,...

9.8CVSS

9.7AI Score

0.0004EPSS

2024-06-27 03:08 AM
129
wolfi

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: dask-gateway, ggshield, datadog-agent, py3.10-tensorflow-core, kubeflow-volumes-web-app, jwt-tool, kubeflow-pipelines-visualization-server, py3-idna, confluent-docker-utils, py3-cassandra-medusa, az, kubeflow-jupyter-web-app, kubeflow-katib, k8s-sidecar,...

7.5AI Score

2024-06-27 03:08 AM
33
wolfi

GHSA-679V-HH23-H5JH vulnerabilities

Vulnerabilities for packages: kind, metrics-server,...

7.5AI Score

2024-06-27 03:08 AM
5
wolfi

CVE-2023-39320 vulnerabilities

Vulnerabilities for packages:...

9.8CVSS

7.7AI Score

0.001EPSS

2024-06-27 03:08 AM
23
wolfi

GHSA-RXV8-V965-V333 vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-27 03:08 AM
8
wolfi

CVE-2024-35178 vulnerabilities

Vulnerabilities for packages:...

7.5CVSS

7.2AI Score

0.0004EPSS

2024-06-27 03:08 AM
4
wolfi

GHSA-PCJV-393Q-RQF2 vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-27 03:08 AM
12
wolfi

CVE-2024-31081 vulnerabilities

Vulnerabilities for packages:...

7.3CVSS

7.1AI Score

0.0005EPSS

2024-06-27 03:08 AM
18
wolfi

CVE-2024-31082 vulnerabilities

Vulnerabilities for packages:...

7.3CVSS

7.1AI Score

0.0004EPSS

2024-06-27 03:08 AM
17
wolfi

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, git-lfs, melange, helm, libssh2, step, vault, rqlite, gitlab-kas, traefik, pulumi, prometheus-mysqld-exporter, vexctl, external-secrets-operator, terraform-provider-aws, argo-cd, gitness, k3d, kubernetes-event-exporter, kubernetes-dashboard,...

5.9CVSS

7.1AI Score

0.963EPSS

2024-06-27 03:08 AM
134
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: nats-server, git-lfs, harbor-registry, cue, bazelisk, osv-scanner, aws-network-policy-agent, vexctl, prometheus-mysqld-exporter, volume-modifier-for-k8s, bincapz, keda, k9s, tfsec, gitness, chezmoi, k3d, kube-rbac-proxy, nri-haproxy, boring-registry, regclient,...

6.8AI Score

0.0004EPSS

2024-06-27 03:08 AM
58
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: nats-server, multus-cni, git-lfs, melange, helm, lazygit, ctop, harbor-registry, hubble-ui, chartmuseum, step, extism, secrets-store-csi-driver-provider-aws, cue, osv-scanner, traefik, go, grafana-agent-operator, nvidia-device-plugin, gobump,...

6.5AI Score

0.0004EPSS

2024-06-27 03:08 AM
21
wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: nats-server, multus-cni, git-lfs, melange, helm, lazygit, ctop, harbor-registry, hubble-ui, chartmuseum, step, extism, secrets-store-csi-driver-provider-aws, cue, osv-scanner, traefik, go, grafana-agent-operator, nvidia-device-plugin, gobump,...

7.5AI Score

2024-06-27 03:08 AM
16
wolfi

GHSA-V6V8-XJ6M-XWQH vulnerabilities

Vulnerabilities for packages: rook, flux-image-automation-controller, sops, kyverno, sigstore-scaffolding, grafana-mimir, consul, nuclei, kargo, gitlab-kas, tekton-pipelines, zarf, flux-kustomize-controller, goreleaser, guac, rabbitmq-messaging-topology-operator, pulumi, vexctl,...

7.5AI Score

2024-06-27 03:08 AM
wolfi

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: amass, configmap-reload, mage, sops, docker-cli, petname, aws-flb-cloudwatch, cass-operator, go-md2man, ctop, kubernetes-dashboard-metrics-scraper, gitlab-logger, render-template, cni-plugins, prometheus-stackdriver-exporter, grpcurl, nats, goreleaser, gosu,...

7.5CVSS

7.9AI Score

0.001EPSS

2024-06-27 03:08 AM
59
wolfi

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: gatekeeper, git-lfs, helm, prometheus-elasticsearch-exporter, chartmuseum, vault, cue, rqlite, tctl, nvidia-device-plugin, pulumi, prometheus-mysqld-exporter, karpenter, keda, flux-notification-controller, external-secrets-operator, argo-cd, hey, gitness, k3d,...

6.1CVSS

7.3AI Score

0.001EPSS

2024-06-27 03:08 AM
94
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: gatekeeper, rook, melange, helm, prometheus-elasticsearch-exporter, ctop, hubble-ui, chartmuseum, newrelic-nri-kube-events, secrets-store-csi-driver-provider-aws, rqlite, vault, tctl, k8ssandra-operator, osv-scanner, traefik, grafana-agent-operator,...

6.8AI Score

0.0004EPSS

2024-06-27 03:08 AM
30
wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

7.8AI Score

0.0004EPSS

2024-06-27 03:08 AM
42
Total number of security vulnerabilities: 487572