Media Library Folder & File Manager Security Vulnerabilities
Free of pointer not at start of buffer vulnerability exists in CX-One CX-One CXONE-AL[][]D-V4 (The version which was installed with a DVD ver. 4.61.1 or lower, and was updated through CX-One V4 auto update in January 2024 or prior) and Sysmac Studio SYSMAC-SE2[][][] (The version which was...
8.3AI Score
Out-of-bounds read vulnerability exists in CX-Programmer included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower. Opening a specially crafted project file may lead to information disclosure and/or the product being...
6.8AI Score
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the whole duration of the fiemap call, in order to avoid a deadlock in a scenario where the fiemap...
7.4AI Score
In the Linux kernel, the following vulnerability has been resolved: ovl: relax WARN_ON in ovl_verify_area() syzbot hit an assertion in copy up data loop which looks like it is the result of a lower file whose size is being changed underneath overlayfs. This type of use case is documented to cause.....
7.3AI Score
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix writeback data corruption cifs writeback doesn't correctly handle the case where cifs_extend_writeback() hits a point where it is considering an additional folio, but this would overrun the wsize - at which point it...
7.5AI Score
Automate the process of analyzing web server logs with the Python Web Log Analyzer. This powerful tool is designed to enhance security by identifying and detecting various types of cyber attacks within your server logs. Stay ahead of potential threats with features that include: Features Attack...
7.4AI Score
Pluto is a superset of Lua 5.4 with a focus on general-purpose programming. In affected versions an attacker with the ability to actively intercept network traffic would be able to use a specifically-crafted certificate to fool Pluto into trusting it to be the intended remote for the TLS session......
4.8CVSS
7.3AI Score
Uptime Kuma vulnerable to authenticated remote code execution via malicious plugin installation
Summary Installation of a maliciously crafted plugin allows for remote code execution by an authenticated attacker. Details Uptime Kuma allows authenticated users to install plugins from an official list of plugins. This feature is currently disabled in the web interface, but the corresponding API....
8.8CVSS
8.2AI Score
0.001EPSS
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
7.8AI Score
0.739EPSS
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
8.3AI Score
0.002EPSS
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
8.2AI Score
0.739EPSS
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: external-dns, cluster-autoscaler-1.25, cosign, tomcat-8, up, memcached-exporter, grpcurl, calico, hey, kind, kpt, spark-operator, weaviate, newrelic-infrastructure-agent, kots, influxd, ingress-nginx-controller, cue, buildkitd, terraform-provider-aws,...
7.5CVSS
8.2AI Score
0.739EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: nri-prometheus, haproxy-ingress, kubernetes-csi-node-driver-registrar-fips-2.8, cilium-envoy, kubevela, gomplate, pulumi-kubernetes-operator, pulumi, oauth2-proxy, kubewatch, nats, nghttp2, secrets-store-csi-driver-provider-gcp, git-lfs, grpcurl, calico,...
7.5CVSS
7.8AI Score
0.739EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: sigstore-scaffolding-fips, falcoctl, filebeat, gomplate, prometheus-2.45, flux-image-reflector-controller, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nats, argo-cd-2.8, cilium-1.15, grpcurl, kubernetes-dashboard-metrics-scraper-fips, calico,...
7.3AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: filebeat, logstash-jre-bcfips, dockerize-fips, gomplate, flux-image-reflector-controller, prometheus-2.45, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nri-f5, nats, cluster-api-controller, grpcurl, kubernetes-dashboard-metrics-scraper-fips, calico,....
7.5AI Score
0.0004EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: filebeat, logstash-jre-bcfips, dockerize-fips, gomplate, flux-image-reflector-controller, prometheus-2.45, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nri-f5, nats, cluster-api-controller, grpcurl, kubernetes-dashboard-metrics-scraper-fips, calico,....
7.3AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: filebeat, logstash-jre-bcfips, dockerize-fips, gomplate, flux-image-reflector-controller, prometheus-2.45, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nri-f5, nats, cluster-api-controller, grpcurl, kubernetes-dashboard-metrics-scraper-fips, calico,....
7.5AI Score
0.0004EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: istio-pilot-discovery-1.20, istio-pilot-discovery-1.19, cosign, gitsign, aactl, tkn, vault-1.13, flux-source-controller, kots, cert-manager-1.13, rekor, sops, spire-server, cloudflared, kyverno, argo-cd-2.9, cilium-envoy, external-secrets-operator,...
7.5AI Score
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: ctop, chartmuseum, up, kpt, k3s, aactl, skaffold, cert-manager-1.13, k3d, prometheus-2.45, kubescape, cert-manager-1.11, tekton-pipelines, bom, loki, tekton-chains, paranoia, cert-manager-1.12, scorecard, falco,...
7.5AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: kubernetes-1.22, nri-prometheus, keda-2.9, falcoctl, haproxy-ingress, kubernetes-csi-node-driver-registrar-fips-2.8, kubernetes-1.20, gomplate, kubevela, pulumi-kubernetes-operator, prometheus-node-exporter, pulumi, flux-image-reflector-controller,...
7.5CVSS
8.2AI Score
0.002EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, newrelic-infra-operator, filebeat, kyverno-policy-reporter-kyverno-plugin, external-dns, timoni, cosign, kube-logging-operator, prometheus-beat-exporter, up, k9s, memcached-exporter, velero, gitsign, grpcurl, calico, spark-operator, kpt, syft,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, newrelic-infra-operator, filebeat, kyverno-policy-reporter-kyverno-plugin, external-dns, cluster-autoscaler-1.25, timoni, prometheus-beat-exporter, kube-logging-operator, up, mage, memcached-exporter, velero, cluster-api-controller, go-licenses,...
7.7AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: cni-plugins-fips, kubernetes-csi-node-driver-registrar-fips-2.8, cilium-envoy, prometheus-statsd-exporter-0.22, cni-plugins, go-licenses, nats, sops, kube-logging-logging-operator-4.1, aws-ebs-csi-driver-1.18, grpcurl, aws-load-balancer-controller-2.4.5,...
7.5CVSS
7.6AI Score
0.001EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: bank-vaults-fips, gitsign, cilium-envoy, kots, istio-pilot-discovery-1.20, slsa-verifier, vault-1.13, kubescape, oauth2-proxy, cloudflared, vault-fips-1.14, sops, keda-2.11, argo-cd-2.8, flux-source-controller, spire-server, flux-source-controller-0, falcoctl-fips,...
7.3AI Score
CVE-2023-47108 vulnerabilities
Vulnerabilities for packages: temporal-server, keda-2.10, kubevela, argo-cd-2.7, temporal-fips, cert-manager-1.11, containerd, keda-2.11, argo-cd-2.8, kine, kubernetes-fips-1.28, cert-manager-fips-1.13, prometheus-adapter-fips, cri-tools, cert-manager-1.12, envoy-ratelimit, aws-ebs-csi-driver,...
7.5CVSS
7.6AI Score
0.001EPSS
GHSA-679V-HH23-H5JH vulnerabilities
Vulnerabilities for packages: configmap-reload-fips, metrics-server, falco, kind,...
7.3AI Score
CVE-2023-39323 vulnerabilities
Vulnerabilities for packages: configmap-reload-fips, metrics-server, falco, kind,...
8.1CVSS
8.1AI Score
0.002EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: eksctl, telegraf-1.26, up, zot, gitness, skaffold, melange, newrelic-infrastructure-agent, flux-source-controller, kots, cert-manager-1.13, cilium-cli, helm-push, k3d, helm, telegraf-1.28, telegraf-1.29, kubescape, cert-manager-1.11, tekton-pipelines,...
7.5AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, up, k9s, zot, istio-operator-1.19, flux-source-controller, kots, cert-manager-1.13, cilium-cli, helm-push, istio-operator-1.20, cert-manager-1.14, kubescape, flux-helm-controller, cert-manager-1.12, zarf, k8sgpt, helm-operator,...
6.4CVSS
6.9AI Score
0.0004EPSS
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: eksctl, chartmuseum, up, k9s, zot, istio-operator-1.19, flux-source-controller, kots, cert-manager-1.13, cilium-cli, helm-push, istio-operator-1.20, cert-manager-1.14, kubescape, flux-helm-controller, cert-manager-1.12, zarf, k8sgpt, helm-operator,...
7.5AI Score
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, external-dns, istio-pilot-discovery-1.19, cluster-autoscaler-1.25, cosign, up, memcached-exporter, go-licenses, gitsign, calico, spark-operator, tkn, weaviate, prometheus-mysqld-exporter, kots, influxd, kube-rbac-proxy, mongo-tools,...
5.9CVSS
7AI Score
0.962EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: sigstore-scaffolding-fips, falcoctl, filebeat, gomplate, prometheus-2.45, flux-image-reflector-controller, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nats, argo-cd-2.8, cilium-1.15, grpcurl, kubernetes-dashboard-metrics-scraper-fips, calico,...
5.8AI Score
0.0004EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, newrelic-infra-operator, filebeat, kyverno-policy-reporter-kyverno-plugin, external-dns, timoni, cosign, kube-logging-operator, prometheus-beat-exporter, up, k9s, memcached-exporter, velero, gitsign, grpcurl, calico, spark-operator, kpt, syft,...
6.2AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, prometheus-2.51, cosign, kind, kube-rbac-proxy, prometheus-alertmanager, spire-server, newrelic-nri-kube-events, dynamic-localpv-provisioner, nvidia-device-plugin, ip-masq-agent, ko, fuse-overlayfs-snapshotter, minio, gitlab-logger, grafana-10.4,...
6.2AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: ctop, dgraph, petname, mage, wait-for-port, go-licenses, grpcurl, aws-flb-cloudwatch, slsa-verifier, hey, aactl, kind, cni-plugins, go-md2man, aws-flb-kinesis, sops, nats, sonobuoy, cortex, docker-cli, go-bindata, vertical-pod-autoscaler, cilium-envoy, nsc,...
7.5CVSS
7.9AI Score
0.001EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: filebeat, logstash-jre-bcfips, dockerize-fips, gomplate, flux-image-reflector-controller, prometheus-2.45, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nri-f5, nats, cluster-api-controller, grpcurl, kubernetes-dashboard-metrics-scraper-fips, calico,....
7.3AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: filebeat, logstash-jre-bcfips, dockerize-fips, gomplate, flux-image-reflector-controller, prometheus-2.45, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nri-f5, nats, cluster-api-controller, grpcurl, kubernetes-dashboard-metrics-scraper-fips, calico,....
7.5AI Score
0.0004EPSS
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: filebeat, logstash-jre-bcfips, dockerize-fips, gomplate, flux-image-reflector-controller, prometheus-2.45, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nri-f5, nats, cluster-api-controller, grpcurl, kubernetes-dashboard-metrics-scraper-fips, calico,....
7.5AI Score
0.0004EPSS
Vulnerabilities for packages: external-dns, cluster-autoscaler-1.25, timoni, cosign, kube-logging-operator, memcached-exporter, grpcurl, spark-operator, hey, kpt, tkn, weaviate, newrelic-infrastructure-agent, prometheus-mysqld-exporter, kots, influxd, prometheus-alertmanager, cue,...
6.1CVSS
7.7AI Score
0.001EPSS
GHSA-C5Q2-7R4C-MV6G vulnerabilities
Vulnerabilities for packages: sigstore-scaffolding-fips, falcoctl, cert-manager-1.14, istio-pilot-discovery-1.20, oauth2-proxy, sops, argo-cd-2.8, cilium-1.15, policy-controller, cilium-1.14, external-secrets-fips, external-secrets-operator, dex-fips, argo-cd-2.9, tekton-pipelines, skaffold, keda,....
7.3AI Score
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: dagger, ctop, eksctl, filebeat, timoni, docker-credential-gcr, cosign, up, k9s, zot, prometheus, gitsign, guac, kargo, aactl, k3s, datadog-agent, skaffold, newrelic-infrastructure-agent, kots, cri-tools, kubeflow-katib, cadvisor, kyverno, crane, buildkitd, pulumi,...
7.8CVSS
8AI Score
0.001EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: cni-plugins-fips, kubernetes-csi-node-driver-registrar-fips-2.8, cilium-envoy, prometheus-statsd-exporter-0.22, cni-plugins, go-licenses, nats, sops, kube-logging-logging-operator-4.1, aws-ebs-csi-driver-1.18, grpcurl, aws-load-balancer-controller-2.4.5,...
7.3AI Score
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: temporal-ui-server, newrelic-infra-operator, filebeat, kyverno-policy-reporter-kyverno-plugin, external-dns, cluster-autoscaler-1.25, timoni, prometheus-beat-exporter, kube-logging-operator, up, mage, memcached-exporter, velero, cluster-api-controller, go-licenses,...
7.5AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, newrelic-infra-operator, filebeat, kyverno-policy-reporter-kyverno-plugin, external-dns, cluster-autoscaler-1.25, timoni, prometheus-beat-exporter, kube-logging-operator, up, mage, memcached-exporter, velero, cluster-api-controller, go-licenses,...
7.7AI Score
0.0004EPSS
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: zarf, kots, cert-manager-1.14, helm-push, chartmuseum, k9s, flux-source-controller, up, istio-operator-1.19, cert-manager-fips-1.13, cert-manager-1.12, cilium-cli, cert-manager-fips-1.12, cert-manager-1.13, eksctl, zot, k8sgpt, helm-operator, flux-helm-controller,...
6.4CVSS
6.7AI Score
0.0004EPSS
GHSA-V53G-5GJP-272R vulnerabilities
Vulnerabilities for packages: zarf, kots, cert-manager-1.14, helm-push, chartmuseum, k9s, flux-source-controller, up, istio-operator-1.19, cert-manager-fips-1.13, cert-manager-1.12, cilium-cli, cert-manager-fips-1.12, cert-manager-1.13, eksctl, zot, k8sgpt, helm-operator, flux-helm-controller,...
7.3AI Score
CVE-2024-26147 vulnerabilities
Vulnerabilities for packages: zarf, kots, cert-manager-fips-1.14, cert-manager-1.14, helm-push, chartmuseum, k9s, flux-source-controller, up, istio-operator-1.19, cert-manager-fips-1.13, cert-manager-1.12, cilium-cli, cert-manager-fips-1.12, cert-manager-1.13, eksctl, zot, k8sgpt, helm-operator,...
7.5CVSS
7.6AI Score
0.0004EPSS
GHSA-RCJV-MGP8-QVMR vulnerabilities
Vulnerabilities for packages: ipfs, keda-2.10, kubevela, prometheus, cert-manager-1.11, cluster-autoscaler-fips-1.26, gitlab-kas, gatekeeper-3.13, keda-2.11, kubernetes-fips-1.28, up, calico, prometheus-adapter, cert-manager-1.12, thanos-0.31, thanos-0.32, cert-manager-1.13, k3s,...
7.3AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: sigstore-scaffolding-fips, falcoctl, filebeat, dockerize-fips, gomplate, prometheus-2.45, flux-image-reflector-controller, eks-distro-kubernetes-csi-node-driver-registrar-2.9, kustomize, nri-f5, argo-cd-2.8, cluster-api-controller, coredns-fips, grpcurl,...
5.8AI Score
0.0004EPSS