Desktop & Server Management (DSM) Security Vulnerabilities

GHSA-892H-R6CR-53G4 vulnerabilities

Vulnerabilities for packages:...

GHSA-VX3H-CJ8W-2H2C vulnerabilities

Vulnerabilities for packages:...

CVE-2024-29903 vulnerabilities

Vulnerabilities for packages: goreleaser, kubescape, zarf, falco, tkn, zot, apko, aactl, policy-controller, gitsign, vexctl, wolfictl, neuvector-sigstore-interface, melange, falcoctl, ko, spire-server, tekton-chains, skaffold, slsa-verifier,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

CVE-2023-46129 vulnerabilities

Vulnerabilities for packages: telegraf, minio, k3s, nats,...

CVE-2024-5629 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-39321 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-39322 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21000 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21015 vulnerabilities

Vulnerabilities for packages:...

GHSA-2MPF-FQ5J-4HGP vulnerabilities

Vulnerabilities for packages:...

GHSA-5V68-73XH-WCGW vulnerabilities

Vulnerabilities for packages:...

GHSA-7JXX-P3JR-R2X9 vulnerabilities

Vulnerabilities for packages:...

GHSA-R345-8C48-X279 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-6816 vulnerabilities

Vulnerabilities for packages:...

GHSA-W668-XCXF-V3GG vulnerabilities

Vulnerabilities for packages:...

GHSA-3FPG-J8CW-VCJQ vulnerabilities

Vulnerabilities for packages:...

GHSA-MQQF-4P7R-RF89 vulnerabilities

Vulnerabilities for packages:...

GHSA-Q6W6-RJJJ-5P52 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, kube-state-metrics, cert-manager-webhook-pdns, gitleaks, mage, wave, dgraph, clusterctl, tempo, crossplane, bom, newrelic-prometheus-configurator, mockery, newrelic-infra-operator, q, go, prometheus-bind-exporter, zot,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

GHSA-PVCR-V8J8-J5Q3 vulnerabilities

Vulnerabilities for packages: spire-server, external-secrets-operator, boring-registry, tekton-chains, kyverno, istio-operator, vexctl, minio, kubescape, mc, falcoctl, falco, istio-pilot-agent, istio-cni, gitsign,...

CVE-2024-21664 vulnerabilities

Vulnerabilities for packages: spire-server, external-secrets-operator, boring-registry, tekton-chains, kyverno, istio-operator, vexctl, minio, kubescape, mc, falcoctl, falco, istio-pilot-agent, istio-cni, gitsign,...

CVE-2024-21009 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21054 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21087 vulnerabilities

Vulnerabilities for packages:...

GHSA-3VX9-2CH5-M6R6 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31083 vulnerabilities

Vulnerabilities for packages:...

GHSA-MR45-RX8Q-WCM9 vulnerabilities

Vulnerabilities for packages: telegraf, minio, k3s, nats,...

CVE-2024-27454 vulnerabilities

Vulnerabilities for packages: py3-orjson,...

GHSA-3RQ5-2G8H-59HC vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...

GHSA-44WM-F244-XHP3 vulnerabilities

Vulnerabilities for packages: pytorch, kubeflow-pipelines-visualization-server,...

GHSA-PWR2-4V36-6QPR vulnerabilities

Vulnerabilities for packages: py3-orjson,...

GHSA-9V7R-X7CV-V437 vulnerabilities

Vulnerabilities for packages:...

GHSA-26MF-52P6-23PQ vulnerabilities

Vulnerabilities for packages:...

GHSA-JFV3-GH3J-C5R7 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-0409 vulnerabilities

Vulnerabilities for packages:...

GHSA-RCJ8-JX65-7C4R vulnerabilities

Vulnerabilities for packages:...

CVE-2024-0229 vulnerabilities

Vulnerabilities for packages:...

GHSA-2X93-8973-5MGQ vulnerabilities

Vulnerabilities for packages:...

GHSA-VV9M-32RR-3G55 vulnerabilities

Vulnerabilities for packages: kind, falco,...

CVE-2024-39840

Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake...

CVE-2024-39840

Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake...

Google to Block Entrust Certificates in Chrome Starting November 2024

Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several...

Virtuozzo Hybrid Infrastructure 6.2 (6.2.0-136)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service, high availability of the management node, object storage management, networking, and monitoring. Additionally, this release delivers stability improvements and addresses issues found...

CVE-2024-39840

Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake...

Exploit for CVE-2024-34102

🚨 CVE-2024-34102 Exploit Script 🚨 Description This...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site request forgery (CVE-2024-31902)

Summary A cross-site request forgery vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2024-31902 DESCRIPTION: **IBM InfoSphere Information Server is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and.....

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Oracle MySQL Connectors (CVE-2023-22102)

Summary A vulnerability in Oracle MySQL Connectors used by InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-22102 DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow a remote attacker to cause.....