Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

NVIDIA Cloud Gaming (guest Driver), NVIDIA Cloud Gaming (Virtual GPU Manager) Security Vulnerabilities

malwarebytes
malwarebytes

Driving licences and other official documents leaked by authentication service used by Uber, TikTok, X, and more

A company that helps to authenticate users for big brands had a set of administration credentials exposed online for over a year, potentially allowing access to user identity documents such as driving licenses. As more and more legislation emerges requiring websites and platforms—like gambling...

7.4AI Score

2024-06-27 04:21 PM
2
ibm
ibm

Security Bulletin: IBM QRadar Suite software is vulnerable to information exposure

Summary IBM QRadar Suite software is vulnerable to information exposure through cache data. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability...

6.7AI Score

EPSS

2024-06-27 03:24 PM
1
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)

_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

10CVSS

9.9AI Score

EPSS

2024-06-27 03:00 PM
2
thn
thn

Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads

The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat's transition from what appeared to be a dormant botnet with unclear motives to a financially motivated operation....

7.7AI Score

2024-06-27 02:31 PM
2
malwarebytes
malwarebytes

‘Poseidon’ Mac stealer distributed via Google ads

On June 24, we observed a new campaign distributing a stealer targeting Mac users via malicious Google ads for the Arc browser. This is the second time in the past couple of months where we see Arc being used as a lure, certainly a sign of its popularity. It was previously used to drop a Windows...

6.5AI Score

2024-06-27 01:00 PM
3
talosblog
talosblog

Snowflake isn’t an outlier, it’s the canary in the coal mine

By Nick Biasini with contributions from Kendall McKay and Guilherme Venere Headlines continue to roll in about the many implications and follow-on attacks originating from leaked and/or stolen credentials for the Snowflake cloud data platform. Adversaries obtained stolen login credentials for...

7.6AI Score

2024-06-27 12:01 PM
1
ics
ics

SDG Technologies PnPSCADA

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: SDG Technologies Equipment: PnPSCADA Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to attach various entities...

7AI Score

EPSS

2024-06-27 12:00 PM
ics
ics

Johnson Controls Illustra Essentials Gen 4

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Illustra Essentials Gen 4 Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability...

7.5AI Score

EPSS

2024-06-27 12:00 PM
1
ics
ics

Johnson Controls Illustra Essentials Gen 4

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Illustra Essentials Gen 4 Vulnerability: Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability may allow...

7.1AI Score

EPSS

2024-06-27 12:00 PM
ics
ics

Johnson Controls Illustra Essentials Gen 4

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Illustra Essentials Gen 4 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

7.2AI Score

EPSS

2024-06-27 12:00 PM
1
ics
ics

TELSAT marKoni FM Transmitter

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: marKoni Equipment: Markoni-D (Compact) FM Transmitters, Markoni-DH (Exciter+Amplifiers) FM Transmitters Vulnerabilities: Command Injection, Use of Hard-coded...

9AI Score

EPSS

2024-06-27 12:00 PM
1
thn
thn

How to Use Python to Build Secure Blockchain Applications

Did you know it's now possible to build blockchain applications, known also as decentralized applications (or "dApps" for short) in native Python? Blockchain development has traditionally required learning specialized languages, creating a barrier for many developers… until now. AlgoKit, an...

6.9AI Score

2024-06-27 09:30 AM
6
wolfi
wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: keda, tkn, slsa-verifier, spire-server, flux-source-controller, traefik, cilium-envoy, cloudflared, oauth2-proxy, terragrunt, cert-manager, kyverno, dex, falco, aactl, istio-pilot-discovery, gitsign, sops, vexctl, tekton-chains, kots, rekor, flux-kustomize-controller,....

7.5AI Score

2024-06-27 09:08 AM
347
wolfi
wolfi

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: loki, kpt, up, slsa-verifier, ctop, cert-manager, prometheus, falco, aactl, chartmuseum, paranoia, tekton-chains, k3d, goreleaser, scorecard, kubescape, skaffold, bom, tekton-pipelines,...

7.5AI Score

2024-06-27 09:08 AM
347
wolfi
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: helm-push, clusterctl, prometheus-redis-exporter, cass-operator, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, aws-load-balancer-controller, k8sgpt, velero, docker-cli, kpt, kubewatch, secrets-store-csi-driver-provider-azure,...

7.8AI Score

0.0004EPSS

2024-06-27 09:08 AM
192
wolfi
wolfi

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: helm-push, grype, eksctl, helm, up, kaniko, ctop, flux-source-controller, fuse-overlayfs-snapshotter, cert-manager, newrelic-infrastructure-agent, melange, cilium-cli, kubevela, trivy, k3d, kots, neuvector-agent, zot, flux-helm-controller, gitness, kubescape,...

7.5AI Score

2024-06-27 09:08 AM
222
wolfi
wolfi

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: helm-push, k9s, kubescape, cert-manager, zot, trivy, k8sgpt, kots, zarf, eksctl, helm-operator, chartmuseum, flux-source-controller, up, cilium-cli, flux-helm-controller,...

6.4CVSS

6.7AI Score

0.0004EPSS

2024-06-27 09:08 AM
102
wolfi
wolfi

CVE-2023-3955 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler, calico, argo-cd,...

8.8CVSS

8.9AI Score

0.001EPSS

2024-06-27 09:08 AM
434
wolfi
wolfi

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, aws-ebs-csi-driver, nodetaint, kubernetes-csi-driver-hostpath, kubernetes, calico, kubernetes-dns-node-cache, node-feature-discovery, local-static-provisioner, cluster-autoscaler,...

2.7CVSS

4.3AI Score

0.0004EPSS

2024-06-27 09:08 AM
77
wolfi
wolfi

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: skopeo, nerdctl, grype, buildkitd, kaniko, ctop, syft, ingress-nginx-controller, docker, k9s, wolfictl, newrelic-infrastructure-agent, datadog-agent, nvidia-device-plugin, kubernetes, k3d, trivy, kots, zot, kubescape, cadvisor, runc, zarf, skaffold, telegraf,...

8.6CVSS

9.2AI Score

0.051EPSS

2024-06-27 09:08 AM
294
wolfi
wolfi

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: helm-push, k9s, kubescape, cert-manager, zot, trivy, k8sgpt, kots, zarf, eksctl, helm-operator, chartmuseum, flux-source-controller, up, cilium-cli, flux-helm-controller,...

7.5AI Score

2024-06-27 09:08 AM
100
wolfi
wolfi

CVE-2024-6104 vulnerabilities

Vulnerabilities for packages: neuvector-sigstore-interface, pulumi-kubernetes-operator, flux-image-reflector-controller, keda, skopeo, flux-notification-controller, loki, buildkitd, flux-image-automation-controller, tkn, slsa-verifier, spire-server, flux-source-controller, terraform, cert-manager,....

6CVSS

6AI Score

0.0004EPSS

2024-06-27 09:08 AM
7
wolfi
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: dotnet, kpt, kubewatch, ollama, slsa-verifier, fuse-overlayfs-snapshotter, dgraph, kyverno, nginx-stable, falco, nvidia-device-plugin, envoy-ratelimit, weaviate, terraform-provider-azurerm, kind, kots, kubernetes-csi-livenessprobe, pulumi-language-dotnet, gobuster,...

7.5CVSS

9AI Score

0.732EPSS

2024-06-27 09:08 AM
613
wolfi
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: clusterctl, prometheus-redis-exporter, skopeo, cass-operator, kubernetes-csi-external-provisioner, configmap-reload, aws-load-balancer-controller, k8sgpt, rclone, velero, kpt, kubewatch, kaniko, ollama, secrets-store-csi-driver-provider-azure, docker-compose,...

7.5AI Score

2024-06-27 09:08 AM
183
wolfi
wolfi

CVE-2023-45142 vulnerabilities

Vulnerabilities for packages: caddy, keda, cert-manager, prometheus-adapter, gatekeeper, kubernetes, calico, prometheus, thanos, ipfs, gitlab-kas, up, kubevela,...

7.5CVSS

7.9AI Score

0.001EPSS

2024-06-27 09:08 AM
50
wolfi
wolfi

GHSA-RCJV-MGP8-QVMR vulnerabilities

Vulnerabilities for packages: caddy, keda, cert-manager, prometheus-adapter, gatekeeper, kubernetes, calico, prometheus, thanos, ipfs, gitlab-kas, up, kubevela,...

7.5AI Score

2024-06-27 09:08 AM
13
cbl_mariner
cbl_mariner

CVE-2022-3162 affecting package kube-vip-cloud-provider 0.0.2-17

CVE-2022-3162 affecting package kube-vip-cloud-provider 0.0.2-17. No patch is available...

6.5CVSS

7AI Score

0.001EPSS

2024-06-27 09:08 AM
2
wolfi
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: clusterctl, go, cass-operator, shfmt, crane, kaniko, fuse-overlayfs-snapshotter, k9s, kubernetes-dashboard, sbomqs, envoy-ratelimit, yq, kubernetes, falcoctl, flux-helm-controller, runc, node-problem-detector, prometheus-elasticsearch-exporter, trillian,...

6.8AI Score

0.0004EPSS

2024-06-27 09:08 AM
58
wolfi
wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: helm-push, libnvidia-container, clusterctl, prometheus-redis-exporter, go, skopeo, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, k8sgpt, rclone, crane, kpt, kubewatch, secrets-store-csi-driver-provider-azure, docker-compose, spicedb,...

7.5AI Score

2024-06-27 09:08 AM
16
wolfi
wolfi

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: clusterctl, go, cass-operator, shfmt, crane, kaniko, fuse-overlayfs-snapshotter, k9s, kubernetes-dashboard, sbomqs, yq, kubernetes, kots, falcoctl, flux-helm-controller, nvidia-container-toolkit, runc, node-problem-detector, prometheus-elasticsearch-exporter,...

5.5CVSS

6.1AI Score

0.0004EPSS

2024-06-27 09:08 AM
25
wolfi
wolfi

GHSA-V6V8-XJ6M-XWQH vulnerabilities

Vulnerabilities for packages: neuvector-sigstore-interface, pulumi-kubernetes-operator, flux-image-reflector-controller, keda, skopeo, flux-notification-controller, loki, buildkitd, flux-image-automation-controller, tkn, slsa-verifier, spire-server, flux-source-controller, terraform, cert-manager,....

7.5AI Score

2024-06-27 09:08 AM
wolfi
wolfi

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: gitlab-logger, go-licenses, helm-push, petname, cass-operator, nsc, configmap-reload, prometheus-stackdriver-exporter, gke-gcloud-auth-plugin, docker-credential-ecr-login, vertical-pod-autoscaler, influx, docker-cli, cni-plugins, mage, slsa-verifier, ctop,...

7.5CVSS

7.9AI Score

0.001EPSS

2024-06-27 09:08 AM
59
wolfi
wolfi

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-provisioner, aws-load-balancer-controller, k8sgpt, kpt, kubewatch, ollama, thanos-operator, fuse-overlayfs-snapshotter, kube-state-metrics, dgraph, kyverno, kubernetes-dashboard, nvidia-device-plugin, weaviate, aws-ebs-csi-driver, yq, timoni,...

6.1CVSS

7.3AI Score

0.001EPSS

2024-06-27 09:08 AM
94
wolfi
wolfi

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: helm-push, skopeo, src-fingerprint, nsc, kubewatch, ollama, secrets-store-csi-driver-provider-azure, slsa-verifier, kube-state-metrics, dgraph, kyverno, kubernetes-dashboard, ferretdb, falco, weaviate, istio-pilot-discovery, terraform-provider-azurerm, gitsign,...

5.9CVSS

7.1AI Score

0.963EPSS

2024-06-27 09:08 AM
134
wolfi
wolfi

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: filebeat, k3s, flux-image-reflector-controller, skopeo, nerdctl, cri-tools, loki, k8sgpt, buildkitd, eksctl, crane, helm-operator, helm, up, slsa-verifier, ctop, traefik, k9s, cert-manager, kyverno, newrelic-infrastructure-agent, prometheus, datadog-agent, falco,...

7.8CVSS

7.5AI Score

0.001EPSS

2024-06-27 09:08 AM
29
wolfi
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: clusterctl, prometheus-redis-exporter, skopeo, cass-operator, kubernetes-csi-external-provisioner, configmap-reload, aws-load-balancer-controller, k8sgpt, rclone, velero, kpt, kubewatch, kaniko, ollama, secrets-store-csi-driver-provider-azure, docker-compose,...

6.8AI Score

0.0004EPSS

2024-06-27 09:08 AM
30
wolfi
wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: helm-push, clusterctl, prometheus-redis-exporter, cass-operator, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, aws-load-balancer-controller, k8sgpt, velero, docker-cli, kpt, kubewatch, secrets-store-csi-driver-provider-azure,...

7.8AI Score

0.0004EPSS

2024-06-27 09:08 AM
42
wolfi
wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: helm-push, clusterctl, prometheus-redis-exporter, cass-operator, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, aws-load-balancer-controller, k8sgpt, velero, docker-cli, kpt, kubewatch, secrets-store-csi-driver-provider-azure,...

7.5AI Score

2024-06-27 09:08 AM
28
wolfi
wolfi

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: filebeat, sqlpad, chezmoi, flux-image-reflector-controller, keda, loki, k8sgpt, buildkitd, rclone, velero, up, secrets-store-csi-driver-provider-azure, tkn, flyte, spire-server, flux-source-controller, py3-azure-identity, step, py3-cassandra-medusa, traefik,...

5.5CVSS

6AI Score

0.0004EPSS

2024-06-27 09:08 AM
15
wolfi
wolfi

GHSA-M5VV-6R4H-3VJ9 vulnerabilities

Vulnerabilities for packages: filebeat, sqlpad, chezmoi, flux-image-reflector-controller, keda, loki, k8sgpt, buildkitd, rclone, velero, up, secrets-store-csi-driver-provider-azure, tkn, flyte, spire-server, flux-source-controller, py3-azure-identity, step, py3-cassandra-medusa, traefik,...

7.5AI Score

2024-06-27 09:08 AM
7
wolfi
wolfi

GHSA-Q78C-GWQW-JCMC vulnerabilities

Vulnerabilities for packages: cluster-autoscaler, calico, argo-cd,...

7.5AI Score

2024-06-27 09:08 AM
22
wolfi
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: helm-push, libnvidia-container, clusterctl, prometheus-redis-exporter, go, skopeo, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, k8sgpt, rclone, crane, kpt, kubewatch, secrets-store-csi-driver-provider-azure, docker-compose, spicedb,...

6.5AI Score

0.0004EPSS

2024-06-27 09:08 AM
22
wolfi
wolfi

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: clusterctl, go, cass-operator, shfmt, crane, kaniko, fuse-overlayfs-snapshotter, k9s, kubernetes-dashboard, sbomqs, envoy-ratelimit, yq, kubernetes, falcoctl, flux-helm-controller, runc, node-problem-detector, prometheus-elasticsearch-exporter, trillian,...

7.5AI Score

2024-06-27 09:08 AM
20
wolfi
wolfi

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: helm-push, libnvidia-container, clusterctl, prometheus-redis-exporter, go, skopeo, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, k8sgpt, rclone, crane, kpt, kubewatch, secrets-store-csi-driver-provider-azure, docker-compose, spicedb,...

7.5AI Score

2024-06-27 09:08 AM
21
wolfi
wolfi

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: clusterctl, go, cass-operator, shfmt, crane, kaniko, fuse-overlayfs-snapshotter, k9s, kubernetes-dashboard, sbomqs, yq, kubernetes, kots, falcoctl, flux-helm-controller, nvidia-container-toolkit, runc, node-problem-detector, prometheus-elasticsearch-exporter,...

9.8CVSS

9.8AI Score

0.001EPSS

2024-06-27 09:08 AM
49
wolfi
wolfi

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: go, kubernetes-csi-external-provisioner, aws-load-balancer-controller, k8sgpt, kpt, kubewatch, ollama, slsa-verifier, thanos-operator, fuse-overlayfs-snapshotter, kube-state-metrics, dgraph, kyverno, kubernetes-dashboard, falco, nvidia-device-plugin, weaviate,...

7.5CVSS

8.4AI Score

0.002EPSS

2024-06-27 09:08 AM
49
wolfi
wolfi

GHSA-C5Q2-7R4C-MV6G vulnerabilities

Vulnerabilities for packages: skopeo, keda, nerdctl, grpc-health-probe, tkn, slsa-verifier, spire-server, flux-source-controller, step, cloudflared, wolfictl, oauth2-proxy, terragrunt, cert-manager, dgraph, timestamp-authority, dex, policy-controller, falco, aactl, sigstore-scaffolding, melange,...

7.5AI Score

2024-06-27 09:08 AM
26
wolfi
wolfi

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: helm-push, clusterctl, prometheus-redis-exporter, cass-operator, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, aws-load-balancer-controller, k8sgpt, velero, docker-cli, kpt, kubewatch, secrets-store-csi-driver-provider-azure,...

7.5AI Score

2024-06-27 09:08 AM
22
wolfi
wolfi

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: helm-push, clusterctl, prometheus-redis-exporter, cass-operator, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, aws-load-balancer-controller, k8sgpt, velero, docker-cli, kpt, kubewatch, secrets-store-csi-driver-provider-azure,...

7.5AI Score

2024-06-27 09:08 AM
24
wolfi
wolfi

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: helm-push, clusterctl, prometheus-redis-exporter, cass-operator, kubernetes-csi-external-provisioner, configmap-reload, shfmt, src-fingerprint, aws-load-balancer-controller, k8sgpt, velero, docker-cli, kpt, kubewatch, secrets-store-csi-driver-provider-azure,...

7.5AI Score

2024-06-27 09:08 AM
21
Total number of security vulnerabilities217895