GHSA-VVPX-J8F3-3W6H vulnerabilities
Vulnerabilities for packages: go, restic, hey, falco, wireguard-go, k3d, grpcurl, gke-gcloud-auth-plugin,...
7.5AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: grype, runc, k9s, newrelic-infrastructure-agent, zarf, buildkitd, k3s, ingress-nginx-controller, nerdctl, k3d, zot, trivy, datadog-agent, nvidia-device-plugin, wolfictl, ctop, skopeo, kubescape, docker, telegraf, cadvisor, skaffold, kubernetes, kaniko, syft,...
7.5AI Score
0.051EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, crossplane-provider-aws, kargo, ollama, cri-tools, protoc-gen-go-grpc, runc, kine, kubernetes-dashboard-metrics-scraper, metrics-server, cilium, actions-runner-controller, istio-pilot-discovery, prometheus-operator, tkn,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
6.5AI Score
0.0004EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: istio-envoy, ollama, kind, metrics-server, terraform-provider-azurerm, buildkitd, pulumi-language-dotnet, stakater-reloader, envoy-ratelimit, dex, tctl, kubernetes-csi-node-driver-registrar, aactl, nats, secrets-store-csi-driver, aws-efs-csi-driver, gatekeeper,...
8.7AI Score
0.72EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, kafka_exporter, hello-world-golang, crossplane-provider-aws, runc, cri-tools, kind, kubernetes-dashboard-metrics-scraper, metrics-server, harbor-registry, buildkitd, pulumi-language-dotnet, docker-compose, grafana-rollout-operator, karpenter,.....
7.5AI Score
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, kafka_exporter, hello-world-golang, crossplane-provider-aws, runc, cri-tools, kind, kubernetes-dashboard-metrics-scraper, metrics-server, harbor-registry, buildkitd, pulumi-language-dotnet, docker-compose, grafana-rollout-operator, karpenter,.....
6.5AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: flannel-cni-plugin, sbom-scorecard, cortex, falco, hey, protoc-gen-go-grpc, gobuster, kind, kubernetes-dashboard-metrics-scraper, metrics-server, sops, cni-plugins, go-md2man, grpcurl, nri-discovery-kubernetes, oras, vertical-pod-autoscaler, scorecard,...
8.2AI Score
0.001EPSS
Vulnerabilities for packages: crossplane-provider-aws, runc, ollama, kubernetes-dashboard-metrics-scraper, metrics-server, tkn, prometheus-operator, buildkitd, pulumi-language-dotnet, stakater-reloader, cloud-sql-proxy, karpenter, dex, zot, tctl, kubernetes-csi-node-driver-registrar, aactl,...
6.5AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, crossplane-provider-aws, kargo, ollama, cri-tools, protoc-gen-go-grpc, runc, kine, kubernetes-dashboard-metrics-scraper, metrics-server, cilium, actions-runner-controller, istio-pilot-discovery, prometheus-operator, tkn,...
6.7AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
7.5AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
6.5AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, kind, prometheus-operator, envoy-ratelimit, step-ca, dex, tctl, aactl, docker-cli, kube-logging-operator, gatekeeper, kyverno, nri-consul, nri-redis, external-dns, boring-registry, cluster-api-controller, go,...
6.9AI Score
0.0004EPSS
CVE-2022-41723 vulnerabilities
Vulnerabilities for packages: go, restic, hey, falco, wireguard-go, k3d, grpcurl, gke-gcloud-auth-plugin,...
8.2AI Score
0.02EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws, runc, ollama, kind, kubernetes-dashboard-metrics-scraper, metrics-server, istio-pilot-discovery, tkn, prometheus-operator, buildkitd, pulumi-language-dotnet, stakater-reloader, cloud-sql-proxy, karpenter, dex, zot, tctl,...
8.2AI Score
0.002EPSS
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, kind, prometheus-operator, envoy-ratelimit, step-ca, dex, tctl, aactl, docker-cli, kube-logging-operator, gatekeeper, kyverno, nri-consul, nri-redis, external-dns, boring-registry, cluster-api-controller, go,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, kafka_exporter, hello-world-golang, crossplane-provider-aws, runc, cri-tools, kind, kubernetes-dashboard-metrics-scraper, metrics-server, harbor-registry, buildkitd, pulumi-language-dotnet, docker-compose, grafana-rollout-operator, karpenter,.....
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
7.5AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: flannel-cni-plugin, sbom-scorecard, cortex, falco, hey, protoc-gen-go-grpc, gobuster, kind, kubernetes-dashboard-metrics-scraper, metrics-server, sops, cni-plugins, go-md2man, grpcurl, nri-discovery-kubernetes, oras, vertical-pod-autoscaler, scorecard,...
7.5AI Score
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: flannel-cni-plugin, sbom-scorecard, cortex, falco, hey, protoc-gen-go-grpc, gobuster, kind, kubernetes-dashboard-metrics-scraper, metrics-server, sops, cni-plugins, go-md2man, grpcurl, nri-discovery-kubernetes, oras, vertical-pod-autoscaler, scorecard,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws, runc, ollama, kind, kubernetes-dashboard-metrics-scraper, metrics-server, istio-pilot-discovery, tkn, prometheus-operator, buildkitd, pulumi-language-dotnet, stakater-reloader, cloud-sql-proxy, karpenter, dex, zot, tctl,...
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws, runc, ollama, kubernetes-dashboard-metrics-scraper, metrics-server, tkn, prometheus-operator, buildkitd, pulumi-language-dotnet, stakater-reloader, cloud-sql-proxy, karpenter, dex, zot, tctl, kubernetes-csi-node-driver-registrar, aactl,...
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: istio-envoy, ollama, kind, metrics-server, terraform-provider-azurerm, buildkitd, pulumi-language-dotnet, stakater-reloader, envoy-ratelimit, dex, tctl, kubernetes-csi-node-driver-registrar, aactl, nats, secrets-store-csi-driver, aws-efs-csi-driver, gatekeeper,...
7.5AI Score
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: flux-notification-controller, gitlab-pages, conftest, cortex, falco, grype, oauth2-proxy, prometheus-adapter, metrics-server, pulumi, cert-manager, kubernetes-csi-livenessprobe, kubeflow-katib, terraform-provider-azurerm, buildkitd, pulumi-language-dotnet,...
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
7.5AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
6.5AI Score
0.0004EPSS
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
6.5AI Score
0.0004EPSS
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: flannel-cni-plugin, sbom-scorecard, cortex, falco, hey, protoc-gen-go-grpc, gobuster, kind, kubernetes-dashboard-metrics-scraper, metrics-server, sops, cni-plugins, go-md2man, grpcurl, nri-discovery-kubernetes, oras, vertical-pod-autoscaler, scorecard,...
7.4AI Score
0.001EPSS
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, kafka_exporter, hello-world-golang, crossplane-provider-aws, runc, cri-tools, kind, kubernetes-dashboard-metrics-scraper, metrics-server, harbor-registry, buildkitd, pulumi-language-dotnet, docker-compose, grafana-rollout-operator, karpenter,.....
6.5AI Score
0.0004EPSS
GHSA-XR7R-F8XQ-VFVV vulnerabilities
Vulnerabilities for packages: grype, runc, k9s, newrelic-infrastructure-agent, zarf, buildkitd, k3s, ingress-nginx-controller, nerdctl, k3d, zot, trivy, datadog-agent, nvidia-device-plugin, wolfictl, ctop, skopeo, kubescape, docker, telegraf, cadvisor, skaffold, kubernetes, kaniko, syft,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: newrelic-infra-operator, hello-world-golang, runc, protoc-gen-go-grpc, cri-tools, kind, kine, kubernetes-dashboard-metrics-scraper, metrics-server, actions-runner-controller, prometheus-operator, buildkitd, gitlab-logger, stakater-reloader, rabbitmq-cluster-operator,.....
6.5AI Score
0.0004EPSS
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2. A patched version of the package is...
8.2AI Score
0.72EPSS
JA4+ - Suite Of Network Fingerprinting Standards
JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session.....
7AI Score
The Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘campaign_id’ parameter in versions up to, and including, 2.16.1 due to insufficient input sanitization and output...
6.4CVSS
6AI Score
0.001EPSS
The Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘campaign_id’ parameter in versions up to, and including, 2.16.1 due to insufficient input sanitization and output...
5.9AI Score
0.001EPSS
The Reviews and Rating – Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
6.4CVSS
6AI Score
0.0004EPSS
The Reviews and Rating – Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
6AI Score
0.0004EPSS
The Primary Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
6.4CVSS
6AI Score
0.001EPSS
The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_testimonials_option_callback' function in versions up to, and including, 10.2.0. This makes it possible for unauthenticated attackers to...
5.3CVSS
6.7AI Score
0.001EPSS
The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_testimonials_option_callback' function in versions up to, and including, 10.2.0. This makes it possible for unauthenticated attackers to...
5.2AI Score
0.001EPSS
The Primary Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
5.9AI Score
0.001EPSS
The ND Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's upload feature in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and....
6.4CVSS
6.1AI Score
0.001EPSS
CVE-2024-5220 ND Shortcodes <= 7.5 - Authenticated (Author+) Stored Cross-Site Scripting
The ND Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's upload feature in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and....
6AI Score
0.001EPSS
openSUSE 15 Security Update : qt6-networkauth (openSUSE-SU-2024:0138-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0138-1 advisory. - CVE-2024-36048: Fixed data race and poor seeding in generateRandomString() (boo#1224782). Tenable has extracted the preceding description block...
7.4AI Score
SUSE SLES15 Security Update : python3 (SUSE-SU-2024:1774-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1774-1 advisory. - CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number (bsc#1219559). -...
7.6AI Score
Fedora 39 : dotnet7.0 (2024-3136a71490)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-3136a71490 advisory. This is the May 2024 security update for .NET 7. This is the last upstream release of .NET 7. After this update, .NET 7 reaches its End of Life (EOL). Full...
7.4AI Score
Fedora 39 : mingw-libxml2 (2024-4862425658)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4862425658 advisory. Update to 2.12.7 (RHBZ#2280535, CVE-2024-34459) Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
7.4AI Score
Fedora 40 : crosswords / libipuz (2024-e4717532c4)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-e4717532c4 advisory. crosswords 0.3.13 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
7.4AI Score