Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server Security Vulnerabilities

nvd
nvd

CVE-2024-35119

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: ...

5.3CVSS

EPSS

2024-06-30 05:15 PM
1
cve
cve

CVE-2024-35119

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: ...

5.3CVSS

4.9AI Score

EPSS

2024-06-30 05:15 PM
5
nvd
nvd

CVE-2024-28798

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

7.2CVSS

EPSS

2024-06-30 05:15 PM
cve
cve

CVE-2024-28798

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

7.2CVSS

6.2AI Score

EPSS

2024-06-30 05:15 PM
4
nvd
nvd

CVE-2023-50954

IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. IBM X-Force ID: ...

4.3CVSS

EPSS

2024-06-30 05:15 PM
1
nvd
nvd

CVE-2024-31902

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: ...

4.3CVSS

EPSS

2024-06-30 05:15 PM
1
cve
cve

CVE-2023-50954

IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. IBM X-Force ID: ...

4.3CVSS

4.2AI Score

EPSS

2024-06-30 05:15 PM
2
cve
cve

CVE-2024-31902

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: ...

4.3CVSS

4.7AI Score

EPSS

2024-06-30 05:15 PM
4
cvelist
cvelist

CVE-2023-50954 IBM InfoSphere Information Server information disclosure

IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. IBM X-Force ID: ...

4.3CVSS

EPSS

2024-06-30 04:40 PM
1
cvelist
cvelist

CVE-2024-31902 IBM InfoSphere Information Server cross-site request forgery

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: ...

4.3CVSS

EPSS

2024-06-30 04:38 PM
1
cvelist
cvelist

CVE-2024-35119 IBM InfoSphere Information Server information disclosure

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: ...

5.3CVSS

EPSS

2024-06-30 04:36 PM
cve
cve

CVE-2024-28795

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS

6AI Score

EPSS

2024-06-30 04:15 PM
5
cve
cve

CVE-2023-35022

IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access. IBM X-Force ID: ...

4CVSS

6.1AI Score

EPSS

2024-06-30 04:15 PM
6
nvd
nvd

CVE-2024-28795

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS

EPSS

2024-06-30 04:15 PM
1
nvd
nvd

CVE-2023-35022

IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access. IBM X-Force ID: ...

4CVSS

EPSS

2024-06-30 04:15 PM
1
cvelist
cvelist

CVE-2024-28798 IBM InfoSphere Information Server cross-site scripting

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

7.2CVSS

EPSS

2024-06-30 04:12 PM
1
cvelist
cvelist

CVE-2023-35022 IBM InfoSphere Information Server improper authentication

IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access. IBM X-Force ID: ...

4CVSS

EPSS

2024-06-30 04:10 PM
1
cvelist
cvelist

CVE-2024-28795 IBM InfoSphere Information Server cross-site scripting

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS

EPSS

2024-06-30 04:00 PM
3
wolfi
wolfi

GHSA-MRWW-27VC-GGHV vulnerabilities

Vulnerabilities for packages: ferretdb, src, k3s, caddy, step-ca, temporal-server, trillian, argo-workflows, kine, telegraf, amass, keda, kots, kube-bench, vault,...

7.5AI Score

2024-06-30 03:33 PM
115
wolfi
wolfi

CVE-2024-6104 vulnerabilities

Vulnerabilities for packages: step-ca, gitlab-runner, k3s, kubescape, actions-runner-controller, grafana-mimir, zot, terraform-provider-azurerm, loki, keda, flux-notification-controller, aactl, rabbitmq-messaging-topology-operator, sops, tekton-pipelines, vexctl, slsa-verifier, glab, argo-cd,...

6CVSS

6AI Score

0.0004EPSS

2024-06-30 03:33 PM
15
wolfi
wolfi

GHSA-VQ7J-GX56-RXJH vulnerabilities

Vulnerabilities for packages: falco, metrics-server,...

7.5AI Score

2024-06-30 03:33 PM
162
wolfi
wolfi

CVE-2024-28219 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-pillow,...

6.7CVSS

7AI Score

0.0004EPSS

2024-06-30 03:33 PM
43
wolfi
wolfi

GHSA-M87M-MMVP-V9QM vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-30 03:33 PM
10
wolfi
wolfi

CVE-2024-20994 vulnerabilities

Vulnerabilities for packages:...

5.3CVSS

6.1AI Score

0.0004EPSS

2024-06-30 03:33 PM
8
wolfi
wolfi

CVE-2024-21047 vulnerabilities

Vulnerabilities for packages:...

4.9CVSS

6AI Score

0.0004EPSS

2024-06-30 03:33 PM
14
wolfi
wolfi

CVE-2024-21062 vulnerabilities

Vulnerabilities for packages:...

4.9CVSS

6AI Score

0.0004EPSS

2024-06-30 03:33 PM
13
wolfi
wolfi

GHSA-5XQ9-RCPJ-P52V vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-30 03:33 PM
9
wolfi
wolfi

GHSA-88H4-JW57-85V9 vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-30 03:33 PM
12
wolfi
wolfi

GHSA-R27R-5FWH-VXQW vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-30 03:33 PM
11
wolfi
wolfi

CVE-2024-21885 vulnerabilities

Vulnerabilities for packages:...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-30 03:33 PM
45
wolfi
wolfi

CVE-2024-21886 vulnerabilities

Vulnerabilities for packages:...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-30 03:33 PM
45
wolfi
wolfi

GHSA-49WX-9H9F-8C9G vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-30 03:33 PM
45
wolfi
wolfi

CVE-2024-31080 vulnerabilities

Vulnerabilities for packages:...

7.3CVSS

7.1AI Score

0.0005EPSS

2024-06-30 03:33 PM
38
wolfi
wolfi

CVE-2024-21506 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, datadog-agent,...

6.7AI Score

0.0004EPSS

2024-06-30 03:33 PM
47
wolfi
wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: kubescape, dex, cilium-envoy, oauth2-proxy, keda, aactl, sops, tekton-pipelines, vexctl, slsa-verifier, argo-cd, argo-workflows, flux-kustomize-controller, traefik, cloudflared, falco, spire-server, gitsign, tekton-chains, kyverno, vault, cosign,...

7.5AI Score

2024-06-30 03:33 PM
354
wolfi
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, dex, aws-ebs-csi-driver, kustomize, nri-apache, loki, vexctl, gatekeeper, speedtest-go, cortex, slsa-verifier, yam, cri-tools, nri-discovery-kubernetes, argo-cd, nri-memcached,...

7.8AI Score

0.0004EPSS

2024-06-30 03:33 PM
198
wolfi
wolfi

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: kubescape, wolfictl, zot, loki, aactl, conftest, crossplane, kargo, goreleaser, telegraf, ctop, datadog-agent, cadvisor, spire-server, up, buf, ko, buildkitd, syft, trivy, prometheus, grype, tkn, dagger, docker-compose, melange,...

5.9CVSS

6.1AI Score

0.0004EPSS

2024-06-30 03:33 PM
161
wolfi
wolfi

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: kubescape, wolfictl, zot, loki, aactl, conftest, crossplane, kargo, goreleaser, telegraf, ctop, datadog-agent, cadvisor, spire-server, up, buf, ko, buildkitd, syft, trivy, prometheus, grype, tkn, dagger, docker-compose, melange,...

7.5AI Score

2024-06-30 03:33 PM
147
wolfi
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, grafana-agent-operator, chartmuseum, caddy, dex, aws-ebs-csi-driver, oauth2-proxy, kustomize, loki, vexctl, aactl, gatekeeper, docker, cortex, slsa-verifier, cri-tools, nri-discovery-kubernetes,...

7.5AI Score

2024-06-30 03:33 PM
186
wolfi
wolfi

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: ferretdb, src, k3s, caddy, step-ca, temporal-server, trillian, argo-workflows, kine, telegraf, amass, keda, kots, kube-bench, vault,...

9.8CVSS

9.7AI Score

0.0004EPSS

2024-06-30 03:33 PM
134
wolfi
wolfi

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: kubescape, wolfictl, zot, vexctl, aactl, apko, slsa-verifier, goreleaser, neuvector-sigstore-interface, spire-server, falco, gitsign, tekton-chains, ko, zarf, skaffold, tkn, policy-controller, flux-source-controller, melange,...

7.5AI Score

2024-06-30 03:33 PM
91
wolfi
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: dex, dotnet, cilium-envoy, oauth2-proxy, tomcat, aactl, gatekeeper, nghttp2, cortex, slsa-verifier, git-lfs, argo-cd, goreleaser, gke-gcloud-auth-plugin, traefik, falco, spark-operator, cosign, nats, kubernetes-csi-node-driver-registrar, prometheus-blackbox-exporter,.....

7.5CVSS

9AI Score

0.732EPSS

2024-06-30 03:33 PM
628
wolfi
wolfi

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, ggshield, kubeflow-pipelines-visualization-server, py3-idna, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-cassandra-medusa, datadog-agent, kubeflow-pipelines, confluent-docker-utils, k8s-sidecar, py3.10-tensorflow-core, dask-gateway, az,...

6.7AI Score

EPSS

2024-06-30 03:33 PM
26
wolfi
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, go, aactl, gatekeeper, cri-tools, flannel, istio-cni, nri-memcached, goreleaser, bazelisk, cloudflared, spark-operator, gptscript, configmap-reload, newrelic-infra-operator, containerd,...

6.8AI Score

0.0004EPSS

2024-06-30 03:33 PM
58
wolfi
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, grafana-agent-operator, chartmuseum, caddy, go, hcloud, dex, aws-ebs-csi-driver, oauth2-proxy, kustomize, loki, aactl, go-fips, cortex, cri-tools, git-lfs, step, istio-operator, flannel, sonobuoy,...

6.5AI Score

0.0004EPSS

2024-06-30 03:33 PM
22
wolfi
wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, grafana-agent-operator, chartmuseum, caddy, go, hcloud, dex, aws-ebs-csi-driver, oauth2-proxy, kustomize, loki, aactl, go-fips, cortex, cri-tools, git-lfs, step, istio-operator, flannel, sonobuoy,...

7.5AI Score

2024-06-30 03:33 PM
16
wolfi
wolfi

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, go, aactl, gatekeeper, cri-tools, flannel, istio-cni, nri-memcached, bazelisk, local-static-provisioner, cloudflared, configmap-reload, newrelic-infra-operator, dagger, vcluster, go-md2man,...

5.5CVSS

6.1AI Score

0.0004EPSS

2024-06-30 03:33 PM
26
wolfi
wolfi

GHSA-V6V8-XJ6M-XWQH vulnerabilities

Vulnerabilities for packages: step-ca, gitlab-runner, k3s, kubescape, actions-runner-controller, grafana-mimir, zot, terraform-provider-azurerm, loki, keda, flux-notification-controller, aactl, rabbitmq-messaging-topology-operator, sops, tekton-pipelines, vexctl, slsa-verifier, glab, argo-cd,...

7.5AI Score

2024-06-30 03:33 PM
2
wolfi
wolfi

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard-metrics-scraper, gitlab-logger, docker-credential-ecr-login, grpcurl, gops, cilium-envoy, nsc, aws-flb-kinesis, go-bindata, flannel-cni-plugin, aactl, aws-flb-cloudwatch, sops, petname, cortex, slsa-verifier, docker-cli, nri-discovery-kubernetes,.....

7.5CVSS

7.9AI Score

0.001EPSS

2024-06-30 03:33 PM
59
wolfi
wolfi

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard-metrics-scraper, chartmuseum, dex, aws-ebs-csi-driver, oauth2-proxy, aactl, gatekeeper, git-lfs, argo-cd, goreleaser, gke-gcloud-auth-plugin, timoni, vault, spark-operator, cosign, kubernetes-csi-node-driver-registrar,...

6.1CVSS

7.3AI Score

0.001EPSS

2024-06-30 03:33 PM
94
Total number of security vulnerabilities538322