CVE-2024-6047 GeoVision EOL device - OS Command Injection
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the...
CVSS 9.8
NiceRAT Malware Targets South Korean Users via Cracked Software
Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license...
AI Score 6.9
SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the...
CVSS 9.8
AI Score 9.8
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the...
CVSS 8.8
AI Score 8.4
CVE-2024-6046 SECOM WRTR-304GN-304TW-UPSC - OS Command Injection
SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the...
CVSS 9.8
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security...
AI Score 7.4
Certain models of D-Link wireless routers have a path traversal vulnerability. Unauthenticated attackers on the same local area network can read arbitrary system files by manipulating the...
CVSS 6.5
AI Score 6.5
CVE-2024-6045 D-Link router - Hidden Backdoor
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the...
CVSS 8.8
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: kubescape, skaffold, wolfictl, tekton-chains, gitsign, tkn, ko, falcoctl, falco, flux-source-controller, spire-server, melange, apko, policy-controller, vexctl, goreleaser, aactl, slsa-verifier, zarf, neuvector-sigstore-interface,...
AI Score 7.5
GHSA-MQ39-4GV4-MVPX vulnerabilities
Vulnerabilities for packages: conftest, kubescape, ctop, dagger, wolfictl, cadvisor, prometheus, syft, tkn, datadog-agent, ko, telegraf, buildkitd, spire-server, up, buf, melange, loki, goreleaser, aactl, crossplane, trivy, zot, kaniko, kargo, grype,...
AI Score 7.5
CVE-2024-23652 vulnerabilities
Vulnerabilities for packages: conftest, datadog-agent, trivy, kubescape, guac, docker, kaniko, buildkitd, skaffold, scorecard,...
CVSS 10
AI Score 9.7
EPSS 0.001
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: up, cilium-cli, helm-push, istio-operator, k8sgpt, k9s, chartmuseum, trivy, helm-operator, kubescape, zot, flux-helm-controller, cert-manager, zarf, eksctl, flux-source-controller,...
AI Score 7.5
Vulnerabilities for packages: kubernetes-dns-node-cache, consul,...
CVSS 5.3
AI Score 5.5
EPSS 0.0004
CVE-2022-29526 vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner, grpcurl, ctop, kind,...
CVSS 5.3
AI Score 9.3
EPSS 0.002
GHSA-P782-XGP4-8HR8 vulnerabilities
Vulnerabilities for packages: dynamic-localpv-provisioner, grpcurl, ctop, kind,...
AI Score 7.5
GHSA-RHH4-RH7C-7R5V vulnerabilities
Vulnerabilities for packages: k9s, datadog-agent, kubescape, zarf, wolfictl,...
AI Score 7.5