ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server Security Vulnerabilities
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross-site scripting vulnerability in the proxy server...
6.3CVSS
5.9AI Score
EPSS
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross-site scripting vulnerability in the proxy server...
6.3CVSS
EPSS
Part 1: XZ backdoor story – Initial analysis Part 2: Assessing the Y, and How, of the XZ Utils incident (social engineering) In our first article on the XZ backdoor, we analyzed its code from initial infection to the function hooking it performs. As we mentioned then, its initial goal was to...
8.6AI Score
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: apko, melange, zot, goreleaser, neuvector-sigstore-interface, tekton-chains, falco, ko, spire-server, kubescape, policy-controller, falcoctl, slsa-verifier, vexctl, skaffold, aactl, tkn, flux-source-controller, zarf, gitsign,...
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: node-problem-detector, gobuster, gitlab-shell, gitlab-runner, kaf, coredns, prometheus-blackbox-exporter, hugo, scorecard, gke-gcloud-auth-plugin, terraform-provider-azurerm, grype, kubescape, newrelic-infrastructure-agent, dgraph, prometheus-stackdriver-exporter,...
7.5CVSS
9AI Score
0.732EPSS
CVE-2024-29018 vulnerabilities
Vulnerabilities for packages: buf, dagger, melange, cadvisor, zot, kaniko, goreleaser, kargo, trivy, ko, spire-server, grype, kubescape, ctop, crossplane, aactl, prometheus, tkn, syft, datadog-agent, buildkitd, telegraf, up, loki, wolfictl, conftest,...
5.9CVSS
5.9AI Score
0.0004EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: rekor, tekton-pipelines, vault, dex, cert-manager, cilium-envoy, tekton-chains, terragrunt, falco, spire-server, kubescape, keda, slsa-verifier, kots, flux-kustomize-controller, vexctl, external-secrets-operator, aactl, argo-workflows, cloudflared, cosign, tkn,...
7.5AI Score
GHSA-MQ39-4GV4-MVPX vulnerabilities
Vulnerabilities for packages: buf, dagger, melange, cadvisor, zot, kaniko, goreleaser, kargo, trivy, ko, spire-server, grype, kubescape, ctop, crossplane, aactl, prometheus, tkn, syft, datadog-agent, buildkitd, telegraf, up, loki, wolfictl, conftest,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: wazero, node-problem-detector, gobuster, gitlab-shell, dagger, secrets-store-csi-driver-provider-azure, velero, gitlab-runner, kaf, regclient, prometheus-blackbox-exporter, nri-elasticsearch, scorecard, esbuild, kubernetes-dashboard-metrics-scraper, paranoia, task,...
7.8AI Score
0.0004EPSS
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: ferretdb, caddy, amass, spicedb, src, kine, telegraf, temporal-server, kube-bench, argo-workflows, k3s, trillian, vault, keda, step-ca,...
9.8CVSS
9.7AI Score
0.0004EPSS
GHSA-MRWW-27VC-GGHV vulnerabilities
Vulnerabilities for packages: ferretdb, caddy, amass, spicedb, src, kine, telegraf, temporal-server, kube-bench, argo-workflows, k3s, trillian, vault, keda, step-ca,...
7.5AI Score
6.7AI Score
0.0004EPSS
7.5AI Score
5.3CVSS
6.1AI Score
0.0004EPSS
4.9CVSS
6AI Score
0.0004EPSS
4.9CVSS
6AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.8CVSS
7.1AI Score
0.0004EPSS
7.8CVSS
7.1AI Score
0.0004EPSS
7.5AI Score
7.3CVSS
7.1AI Score
0.0005EPSS
7.5AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: bank-vaults, node-problem-detector, istio-pilot-agent, gitlab-shell, dagger, secrets-store-csi-driver-provider-azure, velero, gitlab-runner, kaf, rabbitmq-messaging-topology-operator, containerd, hugo, scorecard, kubernetes-dashboard-metrics-scraper, runc,...
7.5AI Score
CVE-2024-28219 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, pytorch,...
6.7CVSS
7AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: bank-vaults, gobuster, gitlab-shell, secrets-store-csi-driver-provider-azure, rabbitmq-messaging-topology-operator, coredns, hugo, kubernetes-dashboard-metrics-scraper, terraform-provider-azurerm, nri-f5, prometheus-nats-exporter, dgraph, cert-manager-webhook-pdns,...
6.8AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: bank-vaults, croc, secrets-store-csi-driver-provider-azure, spqr, snyk-cli, gitlab-runner, kaf, regclient, coredns, containerd, scorecard, jitsucom-bulker, kubernetes-dashboard-metrics-scraper, flyte, paranoia, runc, gke-gcloud-auth-plugin, tempo,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: bank-vaults, croc, secrets-store-csi-driver-provider-azure, spqr, snyk-cli, gitlab-runner, kaf, regclient, coredns, containerd, scorecard, jitsucom-bulker, kubernetes-dashboard-metrics-scraper, flyte, paranoia, runc, gke-gcloud-auth-plugin, tempo,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: bank-vaults, gobuster, gitlab-shell, secrets-store-csi-driver-provider-azure, snyk-cli, rabbitmq-messaging-topology-operator, coredns, kubernetes-dashboard-metrics-scraper, terraform-provider-azurerm, nri-f5, prometheus-nats-exporter, dgraph,...
5.5CVSS
6.1AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, gobuster, metrics-server, cortex, helm-push, aws-flb-kinesis, configmap-reload, vertical-pod-autoscaler, grpcurl, sonobuoy, goreleaser, scorecard, cilium-envoy, kubernetes-dashboard-metrics-scraper, kind, falco, gke-gcloud-auth-plugin,...
7.5CVSS
7.9AI Score
0.001EPSS
Vulnerabilities for packages: bank-vaults, node-problem-detector, gobuster, gitlab-runner, kaf, coredns, prometheus-blackbox-exporter, containerd, hugo, kubernetes-dashboard-metrics-scraper, runc, gke-gcloud-auth-plugin, newrelic-infrastructure-agent, dgraph, prometheus-stackdriver-exporter,...
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: bank-vaults, node-problem-detector, istio-pilot-agent, gitlab-shell, dagger, secrets-store-csi-driver-provider-azure, velero, gitlab-runner, kaf, rabbitmq-messaging-topology-operator, containerd, hugo, scorecard, kubernetes-dashboard-metrics-scraper, runc,...
6.7AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: wazero, node-problem-detector, gobuster, gitlab-shell, dagger, secrets-store-csi-driver-provider-azure, velero, gitlab-runner, kaf, regclient, prometheus-blackbox-exporter, nri-elasticsearch, scorecard, esbuild, kubernetes-dashboard-metrics-scraper, paranoia, task,...
7.8AI Score
0.0004EPSS
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: nuclei, bank-vaults, k8sgpt, rekor, cortex, timestamp-authority, tekton-pipelines, secrets-store-csi-driver-provider-azure, chezmoi, teleport, velero, gitlab-runner, py3-cassandra-medusa, restic, step, pulumi, airflow, hugo, goreleaser, zot, cert-manager, flux, trivy,....
5.5CVSS
6AI Score
0.0004EPSS
GHSA-M5VV-6R4H-3VJ9 vulnerabilities
Vulnerabilities for packages: nuclei, bank-vaults, k8sgpt, rekor, cortex, timestamp-authority, tekton-pipelines, secrets-store-csi-driver-provider-azure, chezmoi, teleport, velero, gitlab-runner, py3-cassandra-medusa, restic, step, pulumi, airflow, hugo, goreleaser, zot, cert-manager, flux, trivy,....
7.5AI Score
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: wazero, node-problem-detector, gobuster, gitlab-shell, dagger, secrets-store-csi-driver-provider-azure, velero, gitlab-runner, kaf, regclient, prometheus-blackbox-exporter, nri-elasticsearch, scorecard, esbuild, kubernetes-dashboard-metrics-scraper, paranoia, task,...
7.5AI Score
GHSA-JJG7-2V4V-X38H vulnerabilities
Vulnerabilities for packages: kubeflow-katib, az, kubeflow-jupyter-web-app, jwt-tool, confluent-docker-utils, k8s-sidecar, kubeflow-pipelines, dask-gateway, kubeflow-pipelines-visualization-server, py3.10-tensorflow-core, py3-cassandra-medusa, kubeflow-volumes-web-app, ggshield, datadog-agent,...
7.5AI Score
Vulnerabilities for packages: kubeflow-katib, az, kubeflow-jupyter-web-app, jwt-tool, confluent-docker-utils, k8s-sidecar, kubeflow-pipelines, dask-gateway, kubeflow-pipelines-visualization-server, py3.10-tensorflow-core, py3-cassandra-medusa, kubeflow-volumes-web-app, ggshield, datadog-agent,...
6.7AI Score
EPSS
7.5AI Score
4.4CVSS
5.6AI Score
0.0004EPSS
4.9CVSS
6AI Score
0.0004EPSS
4.9CVSS
5.7AI Score
0.0005EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5CVSS
7.2AI Score
0.0004EPSS
7.5AI Score
7.3CVSS
7.1AI Score
0.0005EPSS
GHSA-HJ3V-M684-V259 vulnerabilities
Vulnerabilities for packages: minio, istio-pilot-agent, kyverno, falco, external-secrets-operator, mc, istio-operator, spire-server, boring-registry, falcoctl, istio-cni,...
7.5AI Score