GHSA-3RQ5-2G8H-59HC vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...
7.5AI Score
GHSA-44WM-F244-XHP3 vulnerabilities
Vulnerabilities for packages: py3-pillow, kubeflow-pipelines-visualization-server,...
7.5AI Score
GHSA-PWR2-4V36-6QPR vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...
7.5AI Score
7.7AI Score
0.68EPSS
GHSA-V86X-5FM3-5P7J vulnerabilities
Vulnerabilities for packages: loki, prometheus-alertmanager,...
7.5AI Score
7.5AI Score
7.5AI Score
7AI Score
0.001EPSS
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.1AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
7.5AI Score
7.1AI Score
0.0004EPSS
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: skaffold, eksctl, clusterctl, secrets-store-csi-driver-provider-gcp, kpt, q, cri-tools, logstash-exporter, terraform-docs, kaf, ferretdb, kubernetes-dashboard, mage, sonobuoy, vault-k8s, istio-operator, capslock, wait-for-port, flux-source-controller, http-echo,...
6.5AI Score
0.0004EPSS
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: skaffold, eksctl, skopeo, goreleaser, trivy, kubeflow-katib, cri-tools, scorecard, crane, cosign, dagger, guac, k3s, aactl, kubevela, zot, up, docker-credential-gcr, flux-image-reflector-controller, gitlab-runner, kots, policy-controller, tekton-chains, telegraf,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: skaffold, eksctl, nri-couchbase, clusterctl, nri-mssql, secrets-store-csi-driver-provider-gcp, kpt, task, q, cri-tools, logstash-exporter, terraform-docs, thanos-operator, kaf, ferretdb, k3s, kubernetes-dashboard, mage, prometheus-mongodb-exporter, sonobuoy, capslock,....
6.5AI Score
0.0004EPSS
6AI Score
0.011EPSS
4.5AI Score
0.001EPSS
7.9AI Score
0.003EPSS
9.7AI Score
0.002EPSS
5.6AI Score
0.0004EPSS
6.6AI Score
0.0004EPSS
6.5AI Score
0.0004EPSS
6.7AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
7.5AI Score
CVE-2023-49568 vulnerabilities
Vulnerabilities for packages: goreleaser, scorecard, go-licenses, kubevela, argo-cd, gitness, zot, kots, gomplate, bom, src-fingerprint, apko, gitsign, nuclei, tekton-pipelines, pulumi-kubernetes-operator, pulumi, flux-kustomize-controller, pulumi-language-java, pulumi-language-yaml,...
7.7AI Score
0.0005EPSS
7.5AI Score
The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' function. This makes it possible for...
7.2AI Score
CVE-2024-5204 Swiss Toolkit For WP <= 1.0.7 - Authenticated (Contributor+) Authentication Bypass
The Swiss Toolkit For WP plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.7. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for authenticated attackers with contributor-level and...
7.1AI Score
engelke-elektro.de Cross Site Scripting vulnerability OBB-3931425
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
K000139810: Oracle Java vulnerability CVE-2024-20919
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK:.....
5.9AI Score
0.0005EPSS
JVN#22182715: Redmine DMSF Plugin vulnerable to path traversal
Redmine DMSF Plugin provided by Kontron contains a path traversal vulnerability (CWE-22). ## Impact When the affected version of the plugin is enabled on the Redmine instance, the logged-in user may obtain or delete arbitrary files on the server (within the privilege of the Redmine process). ##...
7AI Score
dailylivenews.in Cross Site Scripting vulnerability OBB-3931420
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
parakme.de Cross Site Scripting vulnerability OBB-3931419
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-5437 SourceCodester Simple Online Bidding System save_category cross site scripting
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as problematic. Affected is the function save_category of the file /admin/index.php?page=categories. The manipulation of the argument name leads to cross site scripting. It is possible to launch...
6.4AI Score
eirene.de Cross Site Scripting vulnerability OBB-3931416
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
6.8AI Score
6.6AI Score
dev.biozidauswaschung.de Cross Site Scripting vulnerability OBB-3931415
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score