Folders – Unlimited Folders To Organize Media Library Folder, Pages, Posts, File Manager Security Vulnerabilities

CVE-2023-45142 vulnerabilities

Vulnerabilities for packages: ipfs, k3s, up, gitlab-kas, thanos, calico, prometheus-adapter, prometheus, gatekeeper, kubevela, kubernetes, keda, caddy,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: datadog-agent, hivemind, kyverno-policy-reporter-ui, protoc-gen-go-grpc, local-path-provisioner, kubernetes-csi-external-resizer, step-ca, conftest, prometheus-node-exporter, amass, nri-redis, protoc-gen-go, chartmuseum, haproxy-ingress, snyk-cli, cert-exporter,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: datadog-agent, multus-cni, kyverno-policy-reporter-ui, protoc-gen-go-grpc, local-path-provisioner, kubernetes-csi-external-resizer, step-ca, conftest, prometheus-node-exporter, amass, docker-cli, nri-redis, protoc-gen-go, chartmuseum, haproxy-ingress, cert-exporter,...

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: datadog-agent, hivemind, kyverno-policy-reporter-ui, protoc-gen-go-grpc, local-path-provisioner, kubernetes-csi-external-resizer, step-ca, conftest, prometheus-node-exporter, amass, nri-redis, protoc-gen-go, chartmuseum, haproxy-ingress, snyk-cli, cert-exporter,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: bom, ollama, prometheus-statsd-exporter, nats, kube-logging-operator, kubernetes-ingress-defaultbackend, kubernetes-csi-external-attacher, flux-image-reflector-controller, kubernetes-csi-external-resizer, frp, prometheus, vertical-pod-autoscaler, apko,...

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: dex, istio-operator, falcoctl, falco, istio-pilot-discovery, slsa-verifier, minio, goreleaser, argo-cd, argo-workflows, zarf, kargo, guac, melange, oauth2-proxy, rook, step-ca, vexctl, frp, gomplate, grafana, istio-pilot-agent, ko, apko, aactl, gitsign,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: bom, datadog-agent, mage, prometheus-statsd-exporter, nats, fq, kube-logging-operator, local-path-provisioner, protoc-gen-go-grpc, kubernetes, flux-image-reflector-controller, grype, cluster-proportional-autoscaler, kubernetes-csi-external-attacher, regclient, yam,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: bom, datadog-agent, mage, prometheus-statsd-exporter, nats, fq, kube-logging-operator, local-path-provisioner, protoc-gen-go-grpc, kubernetes, flux-image-reflector-controller, grype, cluster-proportional-autoscaler, kubernetes-csi-external-attacher, regclient, yam,...

GHSA-8PGV-569H-W5RW vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, cri-tools, docker-compose, kine, temporal, k3s, envoy-ratelimit, kubescape, kubevela, kubernetes, argo-cd, keda, kyverno, temporal-server, containerd, cert-manager,...

CVE-2023-47108 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, cri-tools, docker-compose, kine, temporal, k3s, envoy-ratelimit, kubescape, kubevela, kubernetes, argo-cd, keda, kyverno, temporal-server, containerd, cert-manager,...

CVE-2024-26147 vulnerabilities

Vulnerabilities for packages: flux-source-controller, helm-operator, eksctl, istio-operator, up, k9s, zarf, k8sgpt, chartmuseum, cilium-cli, kots, kubescape, flux-helm-controller, helm-push, zot, cert-manager,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: bom, ipfs, mage, multus-cni, kyverno-policy-reporter-ui, prometheus-statsd-exporter, local-path-provisioner, kubernetes-ingress-defaultbackend, stern, kubernetes, flux-image-reflector-controller, kubernetes-csi-external-attacher, extism, osv-scanner,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: bom, datadog-agent, mage, prometheus-statsd-exporter, nats, fq, kube-logging-operator, local-path-provisioner, protoc-gen-go-grpc, kubernetes, flux-image-reflector-controller, grype, cluster-proportional-autoscaler, kubernetes-csi-external-attacher, regclient, yam,...

GHSA-V53G-5GJP-272R vulnerabilities

Vulnerabilities for packages: flux-source-controller, helm-operator, eksctl, istio-operator, up, k9s, zarf, k8sgpt, chartmuseum, cilium-cli, kots, kubescape, flux-helm-controller, helm-push, zot, cert-manager,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: bom, datadog-agent, mage, prometheus-statsd-exporter, nats, fq, kube-logging-operator, local-path-provisioner, protoc-gen-go-grpc, kubernetes, flux-image-reflector-controller, grype, cluster-proportional-autoscaler, kubernetes-csi-external-attacher, regclient, yam,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: influx, aws-flb-firehose, mage, nats, protoc-gen-go-grpc, falco, local-path-provisioner, aws-flb-cloudwatch, slsa-verifier, goreleaser, cilium-envoy, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, ip-masq-agent, gobuster, render-template,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: influx, aws-flb-firehose, mage, nats, protoc-gen-go-grpc, falco, local-path-provisioner, aws-flb-cloudwatch, slsa-verifier, goreleaser, cilium-envoy, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, ip-masq-agent, gobuster, render-template,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: influx, aws-flb-firehose, mage, nats, protoc-gen-go-grpc, falco, local-path-provisioner, aws-flb-cloudwatch, slsa-verifier, goreleaser, cilium-envoy, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, ip-masq-agent, gobuster, render-template,...

CVE-2024-28180 vulnerabilities

Vulnerabilities for packages: dex, istio-operator, falcoctl, falco, istio-pilot-discovery, slsa-verifier, minio, goreleaser, argo-cd, argo-workflows, zarf, kargo, guac, melange, oauth2-proxy, rook, step-ca, vexctl, frp, gomplate, grafana, istio-pilot-agent, ko, apko, aactl, gitsign,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: bom, ollama, prometheus-statsd-exporter, nats, fq, local-path-provisioner, kubernetes, flux-image-reflector-controller, grype, certificate-transparency, step-ca, cadvisor, eksctl, frp, prometheus, conftest, apko, prometheus-node-exporter, gatekeeper, tekton-chains,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: bom, ollama, prometheus-statsd-exporter, nats, kube-logging-operator, kubernetes-ingress-defaultbackend, kubernetes-csi-external-attacher, flux-image-reflector-controller, kubernetes-csi-external-resizer, frp, prometheus, vertical-pod-autoscaler, apko,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: bom, ollama, prometheus-statsd-exporter, kube-logging-operator, kubernetes-csi-external-attacher, flux-image-reflector-controller, kubernetes-csi-external-resizer, frp, prometheus, vertical-pod-autoscaler, apko, prometheus-node-exporter, gatekeeper, cloud-sql-proxy,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: neuvector-agent, pulumi-language-java, dex, dynamic-localpv-provisioner, influxd, envoy-ratelimit, gitlab-pages, falco, slsa-verifier, minio, goreleaser, cilium-envoy, argo-cd, grype, kubernetes-csi-external-attacher, node-problem-detector, pulumi-language-dotnet,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: nginx-mainline, bom, ollama, nats, kubernetes-csi-external-attacher, grype, frp, prometheus, conftest, gatekeeper, amass, nvidia-device-plugin, pulumi-kubernetes-operator, tctl, flux-notification-controller, thanos, haproxy-ingress, sigstore-scaffolding, traefik,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: bom, datadog-agent, mage, prometheus-statsd-exporter, nats, fq, kube-logging-operator, local-path-provisioner, protoc-gen-go-grpc, kubernetes, flux-image-reflector-controller, grype, cluster-proportional-autoscaler, kubernetes-csi-external-attacher, regclient, yam,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: bom, datadog-agent, mage, prometheus-statsd-exporter, nats, fq, kube-logging-operator, local-path-provisioner, protoc-gen-go-grpc, kubernetes, flux-image-reflector-controller, grype, cluster-proportional-autoscaler, kubernetes-csi-external-attacher, regclient, yam,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: datadog-agent, hivemind, kyverno-policy-reporter-ui, protoc-gen-go-grpc, local-path-provisioner, kubernetes-csi-external-resizer, step-ca, conftest, prometheus-node-exporter, amass, nri-redis, protoc-gen-go, chartmuseum, haproxy-ingress, snyk-cli, cert-exporter,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: bom, ipfs, mage, multus-cni, kyverno-policy-reporter-ui, prometheus-statsd-exporter, local-path-provisioner, kubernetes-ingress-defaultbackend, stern, kubernetes, flux-image-reflector-controller, kubernetes-csi-external-attacher, extism, osv-scanner,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: datadog-agent, hivemind, kyverno-policy-reporter-ui, protoc-gen-go-grpc, local-path-provisioner, kubernetes-csi-external-resizer, step-ca, conftest, prometheus-node-exporter, amass, nri-redis, protoc-gen-go, chartmuseum, haproxy-ingress, snyk-cli, cert-exporter,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: bom, gitlab-runner, datadog-agent, k3s, falcoctl, falco, istio-pilot-discovery, slsa-verifier, goreleaser, flux-image-reflector-controller, argo-workflows, zarf, kargo, guac, vexctl, cadvisor, eksctl, newrelic-infrastructure-agent, k9s, istio-pilot-agent, k8sgpt,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: bom, datadog-agent, mage, prometheus-statsd-exporter, nats, fq, kube-logging-operator, local-path-provisioner, protoc-gen-go-grpc, kubernetes, flux-image-reflector-controller, grype, cluster-proportional-autoscaler, kubernetes-csi-external-attacher, regclient, yam,...

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2024-3123 CHANGING Mobile One Time Password - Arbitrary File Upload

CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system...

CVE-2024-3122 CHANGING Mobile One Time Password - Arbitrary File Reading

CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the...

CVE-2024-38480

"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this...

CVE-2024-6419

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has....

CVE-2024-6419

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has....

CVE-2024-6419 SourceCodester Medicine Tracker System sql injection

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has....

CVE-2024-6418

A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file /classes/Users.php?f=register_user. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-6417

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_user. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-6418

A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file /classes/Users.php?f=register_user. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-6417

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_user. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVE-2024-6418 SourceCodester Medicine Tracker System sql injection

A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file /classes/Users.php?f=register_user. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-6417 SourceCodester Simple Online Bidding System sql injection

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_user. The manipulation of the argument id leads to sql injection. The attack may be launched...

eightcap.com Cross Site Scripting vulnerability OBB-3939800

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-6416

A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /js/player/dmplayer/dmku/?ac=edit. The manipulation of the argument cid with the input (select(0)from(select(sleep(10)))v) leads to sql injection. The.....

CVE-2024-6416

A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /js/player/dmplayer/dmku/?ac=edit. The manipulation of the argument cid with the input (select(0)from(select(sleep(10)))v) leads to sql injection. The.....