Metasys Application And Data Server (ADS, ADS-Lite) Security Vulnerabilities

wolfi

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...

7.8 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
20
wolfi

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...

7.8 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
22
wolfi

CVE-2023-46129 vulnerabilities

Vulnerabilities for packages: minio, nats-server, k3s, telegraf,...

7.5 CVSS

7.8 AI Score

0.001 EPSS

2024-06-28 09:08 PM
11
wolfi

CVE-2024-5629 vulnerabilities

Vulnerabilities for packages:...

8.1 CVSS

7.2 AI Score

0.001 EPSS

2024-06-28 09:08 PM
2
wolfi

CVE-2023-39321 vulnerabilities

Vulnerabilities for packages:...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2024-06-28 09:08 PM
9
wolfi

GHSA-892H-R6CR-53G4 vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-28 09:08 PM
9
wolfi

GHSA-Q6W6-RJJJ-5P52 vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-28 09:08 PM
8
wolfi

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: configmap-reload, k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, ksops, wireguard-go, go, neuvector-scanner, aws-ebs-csi-driver, guac, http-echo, capslock, git-lfs, grafana-rollout-operator, gobump, sops, kubernetes-dns-node-cache, kubeadm-bootstrap-controller,...

6.5 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
19
wolfi

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: configmap-reload, k8sgpt, dagger, k8ssandra-operator, nri-cassandra, http-echo, gobump, aws-load-balancer-controller, grpcurl, logstash, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi, speedtest-go,...

7.5 AI Score

2024-06-28 09:08 PM
4
wolfi

CVE-2024-21664 vulnerabilities

Vulnerabilities for packages: boring-registry, minio, vexctl, gitsign, tekton-chains, kyverno, external-secrets-operator, falcoctl, kubescape, istio-pilot-agent, falco, istio-pilot-discovery, istio-cni, spire-server, mc,...

7.5 CVSS

6.1 AI Score

0.001 EPSS

2024-06-28 09:08 PM
7
wolfi

GHSA-PVCR-V8J8-J5Q3 vulnerabilities

Vulnerabilities for packages: boring-registry, minio, vexctl, gitsign, tekton-chains, kyverno, external-secrets-operator, falcoctl, kubescape, istio-pilot-agent, falco, istio-pilot-discovery, istio-cni, spire-server, mc,...

7.5 AI Score

2024-06-28 09:08 PM
2
wolfi

GHSA-VV9M-32RR-3G55 vulnerabilities

Vulnerabilities for packages: kind, metrics-server,...

7.5 AI Score

2024-06-28 09:08 PM
4
wolfi

GHSA-MR45-RX8Q-WCM9 vulnerabilities

Vulnerabilities for packages: minio, nats-server, k3s, telegraf,...

7.5 AI Score

2024-06-28 09:08 PM
5
wolfi

CVE-2024-21009 vulnerabilities

Vulnerabilities for packages:...

4.9 CVSS

6 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
wolfi

CVE-2024-21054 vulnerabilities

Vulnerabilities for packages:...

4.9 CVSS

6 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
wolfi

CVE-2024-21087 vulnerabilities

Vulnerabilities for packages:...

4.9 CVSS

6 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
wolfi

GHSA-26MF-52P6-23PQ vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-28 09:08 PM
1
wolfi

GHSA-3VX9-2CH5-M6R6 vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-28 09:08 PM
wolfi

GHSA-JFV3-GH3J-C5R7 vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-28 09:08 PM
1
wolfi

GHSA-RCJ8-JX65-7C4R vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-28 09:08 PM
9
wolfi

CVE-2024-0229 vulnerabilities

Vulnerabilities for packages:...

7.8 CVSS

7.1 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
6
wolfi

GHSA-2X93-8973-5MGQ vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-28 09:08 PM
5
wolfi

CVE-2024-31083 vulnerabilities

Vulnerabilities for packages:...

7.8 CVSS

7.1 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
6
wolfi

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...

6 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
20
wolfi

CVE-2024-27454 vulnerabilities

Vulnerabilities for packages: py3-orjson,...

7.5 CVSS

7.7 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
11
wolfi

GHSA-3RQ5-2G8H-59HC vulnerabilities

Vulnerabilities for packages: py3-dnspython,...

7.5 AI Score

2024-06-28 09:08 PM
3
wolfi

GHSA-44WM-F244-XHP3 vulnerabilities

Vulnerabilities for packages: py3-pillow, pytorch,...

7.5 AI Score

2024-06-28 09:08 PM
5
wolfi

GHSA-PWR2-4V36-6QPR vulnerabilities

Vulnerabilities for packages: py3-orjson,...

7.5 AI Score

2024-06-28 09:08 PM
6
wolfi

GHSA-9V7R-X7CV-V437 vulnerabilities

Vulnerabilities for packages:...

7.5 AI Score

2024-06-28 09:08 PM
10
wolfi

CVE-2024-0409 vulnerabilities

Vulnerabilities for packages:...

7.8 CVSS

7.1 AI Score

0.0004 EPSS

2024-06-28 09:08 PM
7
cbl_mariner

CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15

CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15. A patched version of the package is...

7.5 CVSS

8.5 AI Score

0.732 EPSS

2024-06-28 09:08 PM
1
cbl_mariner

CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15

CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15. A patched version of the package is...

7.5 CVSS

8.2 AI Score

0.732 EPSS

2024-06-28 09:08 PM
ibm

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Kubernetes

Summary Multiple vulnerabilities in Kubernetes used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID: CVE-2020-8562 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to obtain sensitive information, caused by a time-of-check time-of-use...

3.1 CVSS

7 AI Score

0.001 EPSS

2024-06-28 09:05 PM
github

Unlimited number of NTS-KE connections can crash ntpd-rs server

Summary Missing limit for accepted NTS-KE connections allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. Details Operating systems have a limit for the number...

7.5 CVSS

7 AI Score

EPSS

2024-06-28 09:05 PM
cvelist

CVE-2024-29040 Fapi Verify Quote: Does not detect if quote was not generated by TPM

This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure TPMS_ATTEST. For the field TPM2_GENERATED magic of this structure any number can.....

4.3 CVSS

EPSS

2024-06-28 09:02 PM
ibm

Security Bulletin: IBM InfoSphere Information Server is vulnerable to stored cross-site scripting (CVE-2024-28798)

Summary A stored cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2024-28798 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary...

5.7 AI Score

EPSS

2024-06-28 08:58 PM
ibm

Security Bulletin: IBM InfoSphere Information Server is vulnerable to server-side request forgery (CVE-2023-50952)

Summary A server-side request forgery (SSRF) vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2023-50952 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to server-side request forgery (SSRF). This may allow an authenticated...

6.3 AI Score

EPSS

2024-06-28 08:52 PM
cvelist

CVE-2024-39302 Some bbb-record-core files installed with wrong file permission

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...

3.7 CVSS

EPSS

2024-06-28 08:51 PM
1
ibm

Security Bulletin: IBM InfoSphere Information Server is vulnerable to stored cross-site scripting (CVE-2024-28797)

Summary A stored cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2024-28797 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary...

5.7 AI Score

EPSS

2024-06-28 08:46 PM
cvelist

CVE-2024-39307 Cross-Site Scripting (XSS) vulnerability via crafted ebooks in Kavita

Kavita is a cross platform reading server. Opening an ebook with malicious scripts inside leads to code execution inside the browsing context. Kavita doesn't sanitize or sandbox the contents of epubs, allowing scripts inside ebooks to execute. This vulnerability was patched in version...

3.5 CVSS

EPSS

2024-06-28 08:44 PM
1
ibm

Security Bulletin: IBM InfoSphere Information Server is vulnerable to stored cross-site scripting (CVE-2024-28795)

Summary A stored cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2024-28795 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

5.7 AI Score

EPSS

2024-06-28 08:38 PM
rapid7blog

Metasploit Weekly Wrap-Up 06/28/2024

Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...

9.8 CVSS

9 AI Score

0.005 EPSS

2024-06-28 08:36 PM
1
cvelist

CVE-2024-38518 bbb-web API additional parameters considered

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an.....

4.6 CVSS

EPSS

2024-06-28 08:25 PM
3
openbugbounty

televizori.ba Cross Site Scripting vulnerability OBB-3939488

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2 AI Score

2024-06-28 08:17 PM
6
ibm

Security Bulletin: IBM InfoSphere Information Server low level authenticated user can view sensitive information (CVE-2024-31898)

Summary A vulnerability in IBM InfoSphere Information Server allowed a lower level authenticated user to view sensitive information. This vulnerability was addressed. Vulnerability Details CVEID: CVE-2024-31898 DESCRIPTION: IBM InfoSphere Information Server could allow an authenticated user to.....

5.8 AI Score

EPSS

2024-06-28 08:16 PM
cve

CVE-2024-5827

Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents <?php system($_GET[0])...

9.8 CVSS

10 AI Score

EPSS

2024-06-28 08:15 PM
6
nvd

CVE-2024-5827

Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents <?php system($_GET[0])...

9.8 CVSS

EPSS

2024-06-28 08:15 PM
3
nvd

CVE-2024-38528

ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such...

7.5 CVSS

EPSS

2024-06-28 08:15 PM
2
cve

CVE-2024-38528

ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such...

7.5 CVSS

7.6 AI Score

EPSS

2024-06-28 08:15 PM
3
hackread

TeamViewer Confirms Security Breach by Russian Midnight Blizzard

TeamViewer reassures users after a security breach targeted an employee account. The company claims no customer data...

7.4 AI Score

2024-06-28 08:12 PM
Total number of security vulnerabilities: 2915380