7.5AI Score
7.5AI Score
7.5AI Score
9.8CVSS
7.1AI Score
0.002EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: bank-vaults, node-problem-detector, gobuster, istio-pilot-agent, gitlab-shell, gitlab-runner, kaf, coredns, prometheus-blackbox-exporter, containerd, hugo, kubernetes-dashboard-metrics-scraper, runc, gke-gcloud-auth-plugin, kubescape, newrelic-infrastructure-agent,...
7.5AI Score
GHSA-CR6F-GF5W-VHRC vulnerabilities
Vulnerabilities for packages: py3-pymongo, datadog-agent,...
7.5AI Score
6.1CVSS
7.6AI Score
0.001EPSS
CVE-2023-46129 vulnerabilities
Vulnerabilities for packages: nats, minio, nats-server, telegraf,...
7.5CVSS
7.8AI Score
0.001EPSS
8.1CVSS
7.2AI Score
0.001EPSS
7.5CVSS
7.7AI Score
0.001EPSS
7.5CVSS
7.7AI Score
0.001EPSS
7.5AI Score
7.5AI Score
GHSA-PVCR-V8J8-J5Q3 vulnerabilities
Vulnerabilities for packages: tekton-chains, minio, vexctl, istio-pilot-agent, kyverno, falco, external-secrets-operator, gitsign, mc, istio-operator, spire-server, kubescape, boring-registry, falcoctl, istio-cni,...
7.5AI Score
7.5AI Score
GHSA-MR45-RX8Q-WCM9 vulnerabilities
Vulnerabilities for packages: nats, minio, nats-server, telegraf,...
7.5AI Score
CVE-2024-27454 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...
7.5CVSS
7.7AI Score
0.0004EPSS
GHSA-3RQ5-2G8H-59HC vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...
7.5AI Score
GHSA-PWR2-4V36-6QPR vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...
7.5AI Score
GHSA-44WM-F244-XHP3 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, pytorch,...
7.5AI Score
7.5AI Score
4.9CVSS
6AI Score
0.0004EPSS
4.9CVSS
6AI Score
0.0004EPSS
4.9CVSS
6AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.8CVSS
7.1AI Score
0.0004EPSS
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: bank-vaults, croc, secrets-store-csi-driver-provider-azure, spqr, snyk-cli, gitlab-runner, kaf, regclient, coredns, containerd, scorecard, jitsucom-bulker, kubernetes-dashboard-metrics-scraper, flyte, paranoia, runc, gke-gcloud-auth-plugin, tempo,...
6.5AI Score
0.0004EPSS
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: bank-vaults, gobuster, gitlab-shell, secrets-store-csi-driver-provider-azure, snyk-cli, rabbitmq-messaging-topology-operator, coredns, kubernetes-dashboard-metrics-scraper, terraform-provider-azurerm, nri-f5, prometheus-nats-exporter, dgraph,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: wazero, node-problem-detector, gobuster, gitlab-shell, dagger, secrets-store-csi-driver-provider-azure, velero, gitlab-runner, kaf, regclient, prometheus-blackbox-exporter, nri-elasticsearch, scorecard, esbuild, kubernetes-dashboard-metrics-scraper, paranoia, task,...
6AI Score
0.0004EPSS
CVE-2024-21664 vulnerabilities
Vulnerabilities for packages: tekton-chains, minio, vexctl, istio-pilot-agent, kyverno, falco, external-secrets-operator, gitsign, mc, istio-operator, spire-server, kubescape, boring-registry, falcoctl, istio-cni,...
7.5CVSS
6.1AI Score
0.001EPSS
7.8CVSS
7.1AI Score
0.0004EPSS
7.5AI Score
7.8CVSS
7.1AI Score
0.0004EPSS
RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations
A likely China-linked state-sponsored threat actor has been linked to a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan between November 2023 and April 2024. Recorded Future's Insikt Group is tracking the activity under the name...
7.8CVSS
8.8AI Score
0.879EPSS
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious...
0.0004EPSS
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious...
7.7AI Score
0.0004EPSS
CVE-2024-24550 Bludit - Remote Code Execution (RCE) through File API
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious...
0.0004EPSS
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS....
7.6CVSS
0.0004EPSS
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS....
7.6CVSS
7.6AI Score
0.0004EPSS
CVE-2024-4499 CSRF Vulnerability in parisneo/lollms XTTS Server
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS....
7.6CVSS
0.0004EPSS
MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. When a victim opens the details of this transaction in the client, files can be written to the computer on which the client process is running. (The server process is not...
6.9AI Score
0.0004EPSS
MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. When a victim opens the details of this transaction in the client, files can be written to the computer on which the client process is running. (The server process is not...
0.0004EPSS
The Ultimate Guide To Buying A Server For Your Small Business
Purchasing a server might be difficult. This is particularly valid for those making their first purchase. There...
7.3AI Score