
Intel(R) CSME, Server Platform Services, Trusted Execution Engine And Intel(R) Active Management Technology Security Vulnerabilities

nvd

CVE-2024-37662

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

EPSS

2024-06-17 06:15 PM
2
nvd

CVE-2024-37664

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

EPSS

2024-06-17 06:15 PM
2
nvd

CVE-2024-37661

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

EPSS

2024-06-17 06:15 PM
2
cve

CVE-2024-37663

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

6.6 AI Score

EPSS

2024-06-17 06:15 PM
2
cve

CVE-2024-36973

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function gp_auxiliary_device_release() calls...

6.6 AI Score

EPSS

2024-06-17 06:15 PM
1
cve

CVE-2024-37664

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

6.7 AI Score

EPSS

2024-06-17 06:15 PM
2
cve

CVE-2024-37662

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

7 AI Score

EPSS

2024-06-17 06:15 PM
2
cve

CVE-2024-37661

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

6.6 AI Score

EPSS

2024-06-17 06:15 PM
2
nvd

CVE-2024-37663

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

EPSS

2024-06-17 06:15 PM
2
nvd

CVE-2024-36527

puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the...

EPSS

2024-06-17 06:15 PM
2
cve

CVE-2024-36527

puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the...

6.1 AI Score

EPSS

2024-06-17 06:15 PM
2
openbugbounty

alexander-meinzer.de Cross Site Scripting vulnerability OBB-3935984

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2 AI Score

2024-06-17 06:15 PM
2
openbugbounty

muelltueten.de Cross Site Scripting vulnerability OBB-3935983

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2 AI Score

2024-06-17 06:10 PM
3
openbugbounty

guersel-transporte.de Cross Site Scripting vulnerability OBB-3935982

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2 AI Score

2024-06-17 06:08 PM
3
openbugbounty

remember-cars.de Cross Site Scripting vulnerability OBB-3935980

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2 AI Score

2024-06-17 06:05 PM
2
cvelist

CVE-2024-6058 LabVantage LIMS cross site scripting

A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&_iframename=list&__crc=crc_1701669816260. The manipulation of the argument height/width leads to cross site scripting. It....

3.5 CVSS

EPSS

2024-06-17 06:00 PM
1
cvelist

CVE-2024-36973 misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe()

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function gp_auxiliary_device_release() calls...

EPSS

2024-06-17 05:51 PM
1
cbl_mariner

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1. A patched version of the package is...

5.9 CVSS

6.8 AI Score

0.962 EPSS

2024-06-17 05:41 PM
13
cbl_mariner

CVE-2024-23653 affecting package moby-engine for versions less than 20.10.27-3

CVE-2024-23653 affecting package moby-engine for versions less than 20.10.27-3. A patched version of the package is...

9.8 CVSS

7.3 AI Score

0.001 EPSS

2024-06-17 05:41 PM
9
cvelist

CVE-2024-6056 nasirkhan Laravel Starter Password Reset forgot-password observable response discrepancy

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...

3.7 CVSS

EPSS

2024-06-17 05:31 PM
wolfi

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: flux-source-controller, falco, neuvector-sigstore-interface, gitsign, kubescape, slsa-verifier, apko, melange, policy-controller, goreleaser, zot, aactl, wolfictl, tkn, spire-server, zarf, skaffold, ko, tekton-chains, vexctl,...

7.5 AI Score

2024-06-17 05:30 PM
67
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: bom, prometheus-adapter, gomplate, kubevela, atlantis, gatekeeper, kubernetes-csi-livenessprobe, argo-cd, weaviate, cue, kyverno, ingress-nginx-controller, gke-gcloud-auth-plugin, helm, prometheus-elasticsearch-exporter, cortex, aactl, calico, kubeflow-katib,...

7.5 CVSS

9 AI Score

0.732 EPSS

2024-06-17 05:30 PM
571
wolfi

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: up, syft, kaniko, kubescape, trivy, melange, grype, dagger, cadvisor, goreleaser, zot, aactl, ctop, wolfictl, kargo, buildkitd, datadog-agent, conftest, buf, tkn, prometheus, spire-server, crossplane, ko, loki, telegraf,...

5.9 CVSS

5.9 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
139
wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: oauth2-proxy, kots, flux-source-controller, falco, cert-manager, traefik, gitsign, terragrunt, cilium-envoy, argo-cd, sops, kubescape, istio-pilot-discovery, rekor, kyverno, slsa-verifier, cosign, aactl, cloudflared, fulcio, vault, keda, tkn, argo-workflows,...

7.5 AI Score

2024-06-17 05:30 PM
331
wolfi

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: up, syft, kaniko, kubescape, trivy, melange, grype, dagger, cadvisor, goreleaser, zot, aactl, ctop, wolfictl, kargo, buildkitd, datadog-agent, conftest, buf, tkn, prometheus, spire-server, crossplane, ko, loki, telegraf,...

7.5 AI Score

2024-06-17 05:30 PM
126
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: cilium, kwok, prometheus-nats-exporter, prometheus-adapter, eksctl, gomplate, kubevela, atlantis, local-path-provisioner, kaniko, terragrunt, caddy, metallb, gatekeeper, kubernetes-csi-livenessprobe, argo-cd, filebeat, trillian, weaviate, volume-modifier-for-k8s,...

7.5 AI Score

2024-06-17 05:30 PM
163
wolfi

CVE-2024-28219 vulnerabilities

Vulnerabilities for packages: py3-pillow, kubeflow-pipelines-visualization-server,...

6.7 CVSS

7 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
35
wolfi

GHSA-M87M-MMVP-V9QM vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-17 05:30 PM
5
wolfi

GHSA-49WX-9H9F-8C9G vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-17 05:30 PM
37
wolfi

CVE-2024-21886 vulnerabilities

Vulnerabilities for packages:...

7.8 CVSS

7.1 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
41
wolfi

CVE-2024-31080 vulnerabilities

Vulnerabilities for packages:...

7.3 CVSS

7.1 AI Score

0.0005 EPSS

2024-06-17 05:30 PM
27
wolfi

GHSA-MRWW-27VC-GGHV vulnerabilities

Vulnerabilities for packages: k3s, amass, ferretdb, kots, spicedb, kine, temporal-server, vault, src, trillian, keda, caddy, kube-bench, step-ca, telegraf,...

7.5 AI Score

2024-06-17 05:30 PM
95
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: wire-go, kwok, bom, prometheus-adapter, eksctl, gomplate, kubevela, local-path-provisioner, nri-elasticsearch, trillian, caddy, docker-credential-ecr-login, gatekeeper, kubernetes-csi-livenessprobe, argo-cd, filebeat, metallb, aws-flb-firehose, wazero,...

7.8 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
175
wolfi

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: k3s, amass, ferretdb, kots, spicedb, kine, temporal-server, vault, src, trillian, keda, caddy, kube-bench, step-ca, telegraf,...

9.8 CVSS

9.7 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
110
wolfi

CVE-2024-21506 vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-pipelines-visualization-server,...

5.5 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
37
wolfi

GHSA-VQ7J-GX56-RXJH vulnerabilities

Vulnerabilities for packages: metrics-server, kind,...

7.5 AI Score

2024-06-17 05:30 PM
152
wolfi

CVE-2024-20994 vulnerabilities

Vulnerabilities for packages:...

5.3 CVSS

6.1 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
4
wolfi

CVE-2024-21047 vulnerabilities

Vulnerabilities for packages:...

4.9 CVSS

6 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
8
wolfi

CVE-2024-21062 vulnerabilities

Vulnerabilities for packages:...

4.9 CVSS

6 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
5
wolfi

GHSA-5XQ9-RCPJ-P52V vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-17 05:30 PM
2
wolfi

GHSA-88H4-JW57-85V9 vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-17 05:30 PM
5
wolfi

GHSA-R27R-5FWH-VXQW vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-17 05:30 PM
3
wolfi

CVE-2024-21885 vulnerabilities

Vulnerabilities for packages:...

7.8 CVSS

7.1 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
39
wolfi

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: py3-cassandra-medusa, jwt-tool, ggshield, kubeflow-katib, k8s-sidecar, kubeflow-jupyter-web-app, confluent-docker-utils, kubeflow-pipelines-visualization-server, py3-idna, datadog-agent, kubeflow-pipelines, dask-gateway, kubeflow-volumes-web-app,...

8 AI Score

EPSS

2024-06-17 05:30 PM
25
wolfi

GHSA-HJ3V-M684-V259 vulnerabilities

Vulnerabilities for packages: spire-server, falco, external-secrets-operator, istio-pilot-discovery, mc, kyverno, minio, istio-cni, istio-pilot-agent, istio-operator, boring-registry,...

7.5 AI Score

2024-06-17 05:30 PM
11
wolfi

GHSA-679V-HH23-H5JH vulnerabilities

Vulnerabilities for packages: metrics-server, kind,...

7.5 AI Score

2024-06-17 05:30 PM
3
wolfi

CVE-2024-35178 vulnerabilities

Vulnerabilities for packages:...

7.5 CVSS

7.2 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
wolfi

CVE-2024-31082 vulnerabilities

Vulnerabilities for packages:...

7.3 CVSS

7.1 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
16
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: flyte, prometheus-adapter, gomplate, local-path-provisioner, nri-elasticsearch, metallb, ferretdb, prometheus-alertmanager, mongo-tools, prometheus-elasticsearch-exporter, cadvisor, terraform-docs, calico, kubeflow-katib, rabbitmq-messaging-topology-operator, yam,...

6.8 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
52
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: wire-go, extism, kwok, prometheus-nats-exporter, bom, flyte, prometheus-adapter, eksctl, gomplate, local-path-provisioner, atlantis, trillian, caddy, docker-credential-ecr-login, kubernetes-csi-livenessprobe, volume-modifier-for-k8s, tempo, cue, ferretdb, gosu,...

6.5 AI Score

0.0004 EPSS

2024-06-17 05:30 PM
16
Total number of security vulnerabilities: 2900044