Vulnerabilities for packages: pulumi-kubernetes-operator, cert-manager, flux-image-reflector-controller, buildkitd, ksops, policy-controller, kubevela, terraform, gitsign, vault-csi-provider, cosign, flux-helm-controller, prometheus, fulcio, zot, aactl, keda, gh, vexctl, glab, tkn, bank-vaults,...
CVSS: 6
AI Score: 6
EPSS: 0.0004
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, ctop, kube-fluentd-operator, terraform, k8sgpt-operator, pulumi-language-dotnet, kubernetes-csi-external-resizer, trivy, prometheus-mysqld-exporter, traefik, istio-pilot-discovery, aws-load-balancer-controller, up,...
AI Score: 7.5
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.8
EPSS: 0.0004
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, wait-for-port, nsc, nri-f5, prometheus-nats-exporter, controller-gen, nri-prometheus, kubebuilder, step, crossplane-provider-azure, k8ssandra-operator,...
AI Score: 6.8
EPSS: 0.0004
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: hivemind, trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, age, wait-for-port, nsc, nri-f5, kafka-proxy, prometheus-nats-exporter, controller-gen, nri-prometheus, extism, kubebuilder, step,...
CVSS: 5.5
AI Score: 6.1
EPSS: 0.0004
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, cert-manager, flux-image-reflector-controller, buildkitd, ksops, policy-controller, kubevela, terraform, gitsign, vault-csi-provider, cosign, flux-helm-controller, prometheus, fulcio, zot, aactl, keda, gh, vexctl, glab, tkn, bank-vaults,...
AI Score: 7.5
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, kube-fluentd-operator, terraform, trivy, prometheus-mysqld-exporter, traefik, istio-pilot-discovery, gobuster, up, memcached-exporter, bank-vaults, gatekeeper, flux, weaviate, k3s, cloud-sql-proxy, cilium-cli, nsc,...
CVSS: 5.9
AI Score: 7.1
EPSS: 0.963
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, ctop, kube-fluentd-operator, terraform, k8sgpt-operator, pulumi-language-dotnet, kubernetes-csi-external-resizer, trivy, prometheus-mysqld-exporter, traefik, istio-pilot-discovery, aws-load-balancer-controller, up,...
AI Score: 6.6
EPSS: 0.0004
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.8
EPSS: 0.0004
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.5
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, wait-for-port, nsc, nri-f5, prometheus-nats-exporter, controller-gen, nri-prometheus, kubebuilder, step, crossplane-provider-azure, k8ssandra-operator,...
AI Score: 7.5
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: hivemind, trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, age, wait-for-port, nsc, nri-f5, kafka-proxy, prometheus-nats-exporter, controller-gen, nri-prometheus, extism, kubebuilder, step,...
CVSS: 9.8
AI Score: 9.8
EPSS: 0.001
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.5
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.5
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.5
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: hivemind, trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, age, wait-for-port, nsc, nri-f5, kafka-proxy, prometheus-nats-exporter, controller-gen, nri-prometheus, extism, kubebuilder, step,...
AI Score: 7.5
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, kube-fluentd-operator, terraform, trivy, prometheus-mysqld-exporter, traefik, istio-pilot-discovery, gobuster, up, memcached-exporter, bank-vaults, gatekeeper, flux, weaviate, k3s, cloud-sql-proxy, cilium-cli, nsc,...
AI Score: 7.5
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.8
EPSS: 0.0004
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.8
EPSS: 0.0004
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 7.5
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: hivemind, trivy, prometheus-mysqld-exporter, up, docker-credential-gcr, glab, go-md2man, osv-scanner, pulumi-language-java, age, wait-for-port, nsc, nri-f5, kafka-proxy, prometheus-nats-exporter, controller-gen, nri-prometheus, extism, kubebuilder, step,...
AI Score: 7.5
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: thanos, flux-image-reflector-controller, delve, ctop, docker-cli, terraform, k8sgpt-operator, govulncheck, kubernetes-csi-external-resizer, vexctl, prometheus-mysqld-exporter, aws-load-balancer-controller, gobuster, up, memcached-exporter, regclient, kuberay-operator,....
AI Score: 6
EPSS: 0.0004
CVE-1999-0901 affecting package ypserv 4.1-4
CVE-1999-0901 affecting package ypserv 4.1-4. No patch is available...
AI Score: 6.9
EPSS: 0.0004
CVE-2021-28543 affecting package varnish-modules 0.16.0-4
CVE-2021-28543 affecting package varnish-modules 0.16.0-4. This CVE either no longer is or was never...
CVSS: 7.5
AI Score: 7
EPSS: 0.002
CVE-2022-25345 affecting package opus 1.3.1-4
CVE-2022-25345 affecting package opus 1.3.1-4. No patch is available...
CVSS: 7.5
AI Score: 7.7
EPSS: 0.001
CVE-1999-0902 affecting package ypserv 4.1-4
CVE-1999-0902 affecting package ypserv 4.1-4. No patch is available...
AI Score: 6.9
EPSS: 0.0004
CVE-2007-1397 affecting package fish 3.1.2-4
CVE-2007-1397 affecting package fish 3.1.2-4. This CVE either no longer is or was never...
AI Score: 7.5
EPSS: 0.171
CVE-2017-5834 affecting package libplist 2.1.0-4
CVE-2017-5834 affecting package libplist 2.1.0-4. No patch is available...
CVSS: 5.5
AI Score: 7.1
EPSS: 0.002
CVE-2022-20001 affecting package fish 3.1.2-4
CVE-2022-20001 affecting package fish 3.1.2-4. This CVE either no longer is or was never...
CVSS: 7.8
AI Score: 8
EPSS: 0.002
CVE-2017-5836 affecting package libplist 2.1.0-4
CVE-2017-5836 affecting package libplist 2.1.0-4. No patch is available...
CVSS: 7.5
AI Score: 7.7
EPSS: 0.003
CVE-2017-5835 affecting package libplist 2.1.0-4
CVE-2017-5835 affecting package libplist 2.1.0-4. No patch is available...
CVSS: 7.5
AI Score: 7.1
EPSS: 0.003
CVE-2013-7381 affecting package libnotify 0.7.9-4
CVE-2013-7381 affecting package libnotify 0.7.9-4. This CVE either no longer is or was never...
CVSS: 9.8
AI Score: 7
EPSS: 0.003
CVE-2020-1472 affecting package samba for versions less than 4.12.5-4
CVE-2020-1472 affecting package samba for versions less than 4.12.5-4. A patched version of the package is...
CVSS: 5.5
AI Score: 7.2
EPSS: 0.467
CVE-2000-0006 affecting package strace 5.16-4
CVE-2000-0006 affecting package strace 5.16-4. This CVE either no longer is or was never...
AI Score: 6.7
EPSS: 0.001
CVE-2022-45639 affecting package sleuthkit 4.9.0-4
CVE-2022-45639 affecting package sleuthkit 4.9.0-4. No patch is available...
CVSS: 7.8
AI Score: 7.5
EPSS: 0.004
CVE-2023-25136 affecting package openssh 8.9p1-4
CVE-2023-25136 affecting package openssh 8.9p1-4. This CVE either no longer is or was never...
CVSS: 6.5
AI Score: 7
EPSS: 0.009
CVE-2020-14150 affecting package bison 3.1-4
CVE-2020-14150 affecting package bison 3.1-4. No patch is available...
CVSS: 5.5
AI Score: 7.5
EPSS: 0.0004
CVE-2022-44793 affecting package net-snmp 5.9-4
CVE-2022-44793 affecting package net-snmp 5.9-4. No patch is available...
CVSS: 6.5
AI Score: 6.9
EPSS: 0.003
CVE-2018-14040 affecting package boost 1.66.0-4
CVE-2018-14040 affecting package boost 1.66.0-4. This CVE either no longer is or was never...
CVSS: 6.1
AI Score: 7.4
EPSS: 0.008
CVE-2022-39348 affecting package python-twisted 20.3.0-4
CVE-2022-39348 affecting package python-twisted 20.3.0-4. No patch is available...
CVSS: 5.4
AI Score: 7.5
EPSS: 0.002
CVE-2018-25032 affecting package grpc for versions less than 1.35.0-4
CVE-2018-25032 affecting package grpc for versions less than 1.35.0-4. A patched version of the package is...
CVSS: 7.5
AI Score: 7.5
EPSS: 0.003
CVE-2022-3857 affecting package libpng 1.6.37-4
CVE-2022-3857 affecting package libpng 1.6.37-4. No patch is available...
CVSS: 5.5
AI Score: 7.5
EPSS: 0.001
CVE-2022-44792 affecting package net-snmp 5.9-4
CVE-2022-44792 affecting package net-snmp 5.9-4. No patch is available...
CVSS: 6.5
AI Score: 6.9
EPSS: 0.003
CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4
CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4. This CVE either no longer is or was never...
CVSS: 5.7
AI Score: 7.5
EPSS: 0.0004
CVE-2022-3515 affecting package gnupg2 2.2.20-4
CVE-2022-3515 affecting package gnupg2 2.2.20-4. This CVE either no longer is or was never...
CVSS: 9.8
AI Score: 9.9
EPSS: 0.005
Glastonbury ticket hijack vulnerability fixed
The Glastonbury ticket website was vulnerable to a relatively simple attack that allowed ticket theft and data leakage. What’s the issue? An attacker could scrape collaborative ticket buying websites (e.g. Reddit) to gather people’s details, use a flaw in the registration process and session.....
AI Score: 6.8
Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors
The modern kill chain is eluding enterprises because they aren't protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven't revised their security...
AI Score: 7.4
Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment
Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and...
CVSS: 9.8
AI Score: 9
EPSS: 0.001
The Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tiktok_user_id’ parameter in all versions up to, and including, 7.0.12 due to insufficient input sanitization and output....
CVSS: 4.7
EPSS: 0.0004
The Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tiktok_user_id’ parameter in all versions up to, and including, 7.0.12 due to insufficient input sanitization and output....
CVSS: 4.7
AI Score: 6.4
EPSS: 0.0004