PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS
PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
smartorder.dreve-america.com Cross Site Scripting vulnerability OBB-3932449
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
bakerfurniture.com Cross Site Scripting vulnerability OBB-3932448
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1
CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1. A patched version of the package is...
6.8AI Score
0.962EPSS
CVE-2023-44487 affecting package moby-engine for versions less than 20.10.25-2
CVE-2023-44487 affecting package moby-engine for versions less than 20.10.25-2. A patched version of the package is...
7.8AI Score
0.72EPSS
CVE-2024-23653 affecting package moby-engine for versions less than 20.10.27-3
CVE-2024-23653 affecting package moby-engine for versions less than 20.10.27-3. A patched version of the package is...
7.3AI Score
0.001EPSS
7.1AI Score
0.0004EPSS
7.5AI Score
7.1AI Score
0.0004EPSS
7.1AI Score
0.0005EPSS
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: falcoctl, melange, tkn, skaffold, flux-source-controller, tekton-chains, zarf, gitsign, aactl, spire-server, goreleaser, kubescape, zot, policy-controller, wolfictl, neuvector-sigstore-interface, ko, apko, slsa-verifier, vexctl,...
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, kyverno, kind, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy, node-problem-detector, traefik, kubewatch, minio, kubevela, kots, conftest, kubescape,...
8.7AI Score
0.72EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: kyverno, cilium-envoy, fulcio, tkn, flux-source-controller, cosign, tekton-chains, keda, argo-workflows, istio-pilot-discovery, dex, oauth2-proxy, traefik, gitsign, aactl, external-secrets-operator, spire-server, kots, cert-manager, kubescape, sops, terragrunt,...
7.5AI Score
CVE-2024-29018 vulnerabilities
Vulnerabilities for packages: buildkitd, melange, tkn, buf, up, kargo, datadog-agent, crossplane, grype, cadvisor, aactl, kaniko, dagger, trivy, spire-server, goreleaser, conftest, ctop, kubescape, zot, wolfictl, telegraf, ko, syft, prometheus, loki,...
5.9AI Score
0.0004EPSS
GHSA-MQ39-4GV4-MVPX vulnerabilities
Vulnerabilities for packages: buildkitd, melange, tkn, buf, up, kargo, datadog-agent, crossplane, grype, cadvisor, aactl, kaniko, dagger, trivy, spire-server, goreleaser, conftest, ctop, kubescape, zot, wolfictl, telegraf, ko, syft, prometheus, loki,...
7.5AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, flannel, bank-vaults, etcd, kyverno, tflint, kubernetes-csi-driver-hostpath, nuclei, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, nerdctl, rabbitmq-cluster-operator, zarf,...
7.5AI Score
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: trillian, src, temporal-server, kots, step-ca, k3s, telegraf, kine, kube-bench, vault, amass, ferretdb, caddy, keda, argo-workflows,...
9.7AI Score
0.0004EPSS
GHSA-MRWW-27VC-GGHV vulnerabilities
Vulnerabilities for packages: trillian, src, temporal-server, kots, step-ca, k3s, telegraf, kine, kube-bench, vault, amass, ferretdb, caddy, keda, argo-workflows,...
7.5AI Score
5.3AI Score
0.0004EPSS
7.5AI Score
6.7AI Score
0.0004EPSS
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
7.5AI Score
7.7AI Score
0.001EPSS
7.5AI Score
7.5AI Score
7.1AI Score
0.0004EPSS
7.1AI Score
0.0005EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: helm, flannel, harbor, neuvector-scanner, flyte, aws-efs-csi-driver, kargo, go-md2man, node-problem-detector, kubewatch, cass-operator, harbor-registry, nri-redis, chartmuseum, nri-memcached, spqr, hubble-ui, ferretdb, prometheus-mongodb-exporter, oras, rekor,...
7AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...
7.5AI Score
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...
8.2AI Score
0.001EPSS
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, bank-vaults, kyverno, nfs-subdir-external-provisioner, keda, cluster-autoscaler, fuse-overlayfs-snapshotter, vertical-pod-autoscaler, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy,...
6.5AI Score
0.001EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: helm, gomplate, cloud-sql-proxy, bank-vaults, kyverno, caddy, nfs-subdir-external-provisioner, cluster-autoscaler, nerdctl, nri-mssql, secrets-store-csi-driver, oauth2-proxy, crossplane, node-problem-detector, traefik, kubewatch, flux-image-reflector-controller, kots,....
7AI Score
0.962EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, flannel, bank-vaults, etcd, kyverno, tflint, kubernetes-csi-driver-hostpath, nuclei, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, nerdctl, rabbitmq-cluster-operator, zarf,...
6.7AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
6.5AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...
7.5AI Score
GHSA-JJG7-2V4V-X38H vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, confluent-docker-utils, jwt-tool, k8s-sidecar, dask-gateway, kubeflow-katib, kubeflow-pipelines-visualization-server, py3-cassandra-medusa, datadog-agent, py3.10-tensorflow-core, kubeflow-pipelines, py3-idna, kubeflow-volumes-web-app, az,...
7.5AI Score
Vulnerabilities for packages: kubeflow-jupyter-web-app, confluent-docker-utils, jwt-tool, k8s-sidecar, dask-gateway, kubeflow-katib, kubeflow-pipelines-visualization-server, py3-cassandra-medusa, datadog-agent, py3.10-tensorflow-core, kubeflow-pipelines, py3-idna, kubeflow-volumes-web-app, az,...
6.5AI Score
GHSA-HJ3V-M684-V259 vulnerabilities
Vulnerabilities for packages: istio-pilot-agent, istio-pilot-discovery, istio-cni, falcoctl, boring-registry, istio-operator, kyverno, mc, falco, minio, external-secrets-operator,...
7.5AI Score
7.1AI Score
0.0004EPSS
7.5AI Score
GHSA-88JX-383Q-W4QC vulnerabilities
Vulnerabilities for packages: falcoctl, melange, tkn, skaffold, flux-source-controller, tekton-chains, zarf, gitsign, aactl, spire-server, goreleaser, kubescape, zot, policy-controller, wolfictl, neuvector-sigstore-interface, ko, apko, slsa-verifier, vexctl,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: helm, flannel, harbor, neuvector-scanner, flyte, aws-efs-csi-driver, kargo, go-md2man, node-problem-detector, kubewatch, cass-operator, harbor-registry, nri-redis, chartmuseum, nri-memcached, spqr, hubble-ui, ferretdb, prometheus-mongodb-exporter, oras, rekor,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, flannel, bank-vaults, etcd, kyverno, harbor, crane, kubernetes-csi-driver-hostpath, kind, pombump, caddy, kubebuilder, nfs-subdir-external-provisioner, multus-cni, neuvector-scanner, fuse-overlayfs-snapshotter,...
7.5AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, bank-vaults, kyverno, kind, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, fuse-overlayfs-snapshotter, vertical-pod-autoscaler, aws-efs-csi-driver, secrets-store-csi-driver, oauth2-proxy,.....
8.2AI Score
0.002EPSS
CVE-2023-46737 vulnerabilities
Vulnerabilities for packages: goreleaser, policy-controller, falco, kubescape, ko, apko, slsa-verifier, melange, tkn, skaffold, aactl, cosign, tekton-chains,...
5.4AI Score
0.0005EPSS
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: pulumi-language-yaml, gitness, melange, tkn, skaffold, flux-source-controller, cosign, tekton-chains, keda, crossplane-provider-aws, zarf, actions-runner-controller, pulumi-kubernetes-operator, flux-notification-controller, crossplane, gitsign, pulumi-language-dotnet,....
7.5AI Score
GHSA-C5Q2-7R4C-MV6G vulnerabilities
Vulnerabilities for packages: step-ca, istio-cni, falcoctl, istio-operator, kyverno, fulcio, melange, tkn, skaffold, flux-source-controller, cosign, tekton-chains, keda, argo-workflows, nerdctl, cilium, zarf, istio-pilot-discovery, dex, kargo, rook, oauth2-proxy, gitsign, aactl, containerd,...
7.5AI Score