SAP ABAP Server & ABAP Platform (Translation Tools) Security Vulnerabilities

cve

CVE-2024-6424

External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint...

9.3CVSS

9.2AI Score

EPSS

2024-07-01 01:15 PM
2
cve

CVE-2024-6387

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that...

8.1CVSS

8AI Score

EPSS

2024-07-01 01:15 PM
16
nvd

CVE-2024-6387

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that...

8.1CVSS

EPSS

2024-07-01 01:15 PM
1
nvd

CVE-2024-6424

External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint...

9.3CVSS

EPSS

2024-07-01 01:15 PM
1
cvelist

CVE-2024-6424 Server-Side Request Forgery vulnerability in MESbook

External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint...

9.3CVSS

EPSS

2024-07-01 12:54 PM
3
thn

Indian Software Firm's Products Hacked to Spread Data-Stealing Malware

Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply...

7AI Score

2024-07-01 12:44 PM
1
cvelist

CVE-2024-6387 Openssh: possible remote code execution due to a race condition in signal handling

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that...

8.1CVSS

EPSS

2024-07-01 12:37 PM
1
thn

End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities

At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of secrets we need to worry about. According to CyberArk's recent research,...

6.7AI Score

2024-07-01 10:51 AM
5
thn

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH...

8.1CVSS

8.8AI Score

EPSS

2024-07-01 10:50 AM
7
githubexploit

Exploit for CVE-2024-6387

cve-2024-6387-poc a signal handler race condition in...

9.8AI Score

EPSS

2024-07-01 10:42 AM
14
githubexploit

Exploit for CVE-2024-37765

Description MachForm up to version 19 is affected by an...

7.7AI Score

EPSS

2024-07-01 10:39 AM
5
wolfi

CVE-2024-21047 vulnerabilities

Vulnerabilities for packages:...

4.9CVSS

6AI Score

0.0004EPSS

2024-07-01 09:08 AM
14
wolfi

CVE-2024-21062 vulnerabilities

Vulnerabilities for packages:...

4.9CVSS

6AI Score

0.0004EPSS

2024-07-01 09:08 AM
13
wolfi

GHSA-5XQ9-RCPJ-P52V vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-07-01 09:08 AM
9
wolfi

GHSA-88H4-JW57-85V9 vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-07-01 09:08 AM
12
wolfi

GHSA-R27R-5FWH-VXQW vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-07-01 09:08 AM
11
wolfi

CVE-2024-21885 vulnerabilities

Vulnerabilities for packages:...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-07-01 09:08 AM
45
wolfi

CVE-2024-21886 vulnerabilities

Vulnerabilities for packages:...

7.8CVSS

7.1AI Score

0.0004EPSS

2024-07-01 09:08 AM
45
wolfi

GHSA-49WX-9H9F-8C9G vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-07-01 09:08 AM
45
wolfi

CVE-2024-31080 vulnerabilities

Vulnerabilities for packages:...

7.3CVSS

7.1AI Score

0.0005EPSS

2024-07-01 09:08 AM
38
wolfi

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: docker-compose, aactl, syft, grype, cadvisor, ctop, dagger, conftest, kargo, ko, goreleaser, tkn, trivy, melange, kubescape, zot, telegraf, datadog-agent, kaniko, up, spire-server, buildkitd, loki, buf, wolfictl, prometheus,...

5.9CVSS

6.1AI Score

0.0004EPSS

2024-07-01 09:08 AM
163
wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: dex, vault, aactl, cosign, keda, istio-pilot-discovery, kots, traefik, sops, cilium-envoy, fulcio, external-secrets-operator, terragrunt, tkn, cert-manager, flux-kustomize-controller, falco, kubescape, argo-workflows, flux-source-controller, slsa-verifier,...

7.5AI Score

2024-07-01 09:08 AM
355
wolfi

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: docker-compose, aactl, syft, grype, cadvisor, ctop, dagger, conftest, kargo, ko, goreleaser, tkn, trivy, melange, kubescape, zot, telegraf, datadog-agent, kaniko, up, spire-server, buildkitd, loki, buf, wolfictl, prometheus,...

7.5AI Score

2024-07-01 09:08 AM
149
wolfi

CVE-2024-21506 vulnerabilities

Vulnerabilities for packages: datadog-agent, py3-pymongo,...

6.7AI Score

0.0004EPSS

2024-07-01 09:08 AM
48
wolfi

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: src, vault, amass, ferretdb, keda, caddy, temporal-server, trillian, kots, argo-workflows, kine, kube-bench, spicedb, step-ca, telegraf,...

9.8CVSS

9.7AI Score

0.0004EPSS

2024-07-01 09:08 AM
136
wolfi

CVE-2024-25710 vulnerabilities

Vulnerabilities for packages: gradle, trino, neo4j, jenkins, dependency-track, wavefront-proxy, opensearch,...

8.1CVSS

7AI Score

0.001EPSS

2024-07-01 09:08 AM
96
wolfi

GHSA-4265-CCF5-PHJ5 vulnerabilities

Vulnerabilities for packages: gradle, trino, neo4j, jenkins, dependency-track, wavefront-proxy, opensearch,...

7.5AI Score

2024-07-01 09:08 AM
98
wolfi

GHSA-MRWW-27VC-GGHV vulnerabilities

Vulnerabilities for packages: src, vault, amass, ferretdb, keda, caddy, temporal-server, trillian, kots, argo-workflows, kine, kube-bench, spicedb, step-ca, telegraf,...

7.5AI Score

2024-07-01 09:08 AM
117
wolfi

CVE-2024-6104 vulnerabilities

Vulnerabilities for packages: bank-vaults, aactl, flux-helm-controller, cosign, keda, pulumi, rook, k3d, flux-image-reflector-controller, glab, sops, falcoctl, pulumi-kubernetes-operator, flux, flux-notification-controller, fulcio, k3s, actions-runner-controller, influxd, kargo, kubevela, nuclei,.....

6CVSS

6AI Score

0.0004EPSS

2024-07-01 09:08 AM
17
wolfi

CVE-2024-28219 vulnerabilities

Vulnerabilities for packages: pytorch, py3-pillow,...

6.7CVSS

7AI Score

0.0004EPSS

2024-07-01 09:08 AM
44
wolfi

GHSA-M87M-MMVP-V9QM vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-07-01 09:08 AM
10
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

7.8AI Score

0.0004EPSS

2024-07-01 09:08 AM
200
wolfi

CVE-2024-20994 vulnerabilities

Vulnerabilities for packages:...

5.3CVSS

6.1AI Score

0.0004EPSS

2024-07-01 09:08 AM
9
wolfi

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: dagger, docker-compose, kaniko, harbor-scanner-trivy, helm-push, cri-tools, syft, melange, docker, neuvector-scanner, grype, buf, wolfictl, k3d, policy-controller, prometheus,...

7.5AI Score

2024-07-01 09:08 AM
69
wolfi

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: aactl, falcoctl, ko, goreleaser, tkn, zarf, melange, falco, kubescape, slsa-verifier, flux-source-controller, policy-controller, neuvector-sigstore-interface, zot, gitsign, tekton-chains, wolfictl, skaffold, apko, spire-server,...

7.5AI Score

2024-07-01 09:08 AM
93
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: coredns, dex, stakater-reloader, cosign, keda, rqlite, kots, istio-envoy, flux-notification-controller, prometheus-stackdriver-exporter, dgraph, nri-prometheus, ip-masq-agent, nginx-stable, goreleaser, minio, cert-manager, sigstore-scaffolding, envoy-ratelimit,...

7.5CVSS

9AI Score

0.732EPSS

2024-07-01 09:08 AM
631
wolfi

GHSA-VQ7J-GX56-RXJH vulnerabilities

Vulnerabilities for packages: metrics-server, kind,...

7.5AI Score

2024-07-01 09:08 AM
164
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, cosign, keda, syft, velero, cilium-cli, prometheus-beat-exporter, kots, restic, rook, rqlite, falcoctl, spicedb, vertical-pod-autoscaler, flux, configmap-reload, flux-notification-controller, fulcio, prometheus-stackdriver-exporter, dagger,...

7.5AI Score

2024-07-01 09:08 AM
189
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: coredns, dex, falcosidekick, nvidia-container-toolkit, harbor-scanner-trivy, cosign, cilium-cli, mkcert, prometheus-beat-exporter, go-bindata, spicedb, falcoctl, ghaudit, vertical-pod-autoscaler, configmap-reload, flux-notification-controller, fulcio, go-md2man,...

6.5AI Score

0.0004EPSS

2024-07-01 09:08 AM
23
wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: coredns, dex, falcosidekick, nvidia-container-toolkit, harbor-scanner-trivy, cosign, cilium-cli, mkcert, prometheus-beat-exporter, go-bindata, spicedb, falcoctl, ghaudit, vertical-pod-autoscaler, configmap-reload, flux-notification-controller, fulcio, go-md2man,...

7.5AI Score

2024-07-01 09:08 AM
16
wolfi

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: falcosidekick, nri-mssql, ghaudit, flux, yq, newrelic-prometheus-configurator, dgraph, kubeadm-controlplane-controller, ip-masq-agent, kubernetes-ingress-defaultbackend, trillian, php-fpm_exporter, cfssl, metallb, buildkitd, loki, task, gitness,...

5.5CVSS

6.1AI Score

0.0004EPSS

2024-07-01 09:08 AM
28
wolfi

GHSA-V6V8-XJ6M-XWQH vulnerabilities

Vulnerabilities for packages: bank-vaults, aactl, flux-helm-controller, cosign, keda, pulumi, rook, k3d, flux-image-reflector-controller, glab, sops, falcoctl, pulumi-kubernetes-operator, flux, flux-notification-controller, fulcio, k3s, actions-runner-controller, influxd, kargo, kubevela, nuclei,.....

7.5AI Score

2024-07-01 09:08 AM
2
wolfi

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: coredns, dex, stakater-reloader, cosign, keda, rqlite, kots, falcoctl, vertical-pod-autoscaler, flux, flux-notification-controller, prometheus-stackdriver-exporter, yq, dgraph, nri-prometheus, prometheus-pushgateway, trillian, goreleaser, prometheus-postgres-exporter,....

6.1CVSS

7.3AI Score

0.001EPSS

2024-07-01 09:08 AM
94
wolfi

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: aactl, flux-helm-controller, helm, cosign, nerdctl, cri-tools, pulumi, istio-pilot-discovery, eksctl, istio-pilot-agent, kots, flux-image-reflector-controller, traefik, falcoctl, cadvisor, timoni, ctop, k3s, dagger, crane, k8sgpt, kargo, kubevela, scorecard,...

7.8CVSS

7.5AI Score

0.001EPSS

2024-07-01 09:08 AM
29
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, cosign, keda, syft, velero, cilium-cli, prometheus-beat-exporter, kots, restic, rook, rqlite, falcoctl, spicedb, vertical-pod-autoscaler, flux, configmap-reload, flux-notification-controller, fulcio, prometheus-stackdriver-exporter, dagger,...

6.6AI Score

0.0004EPSS

2024-07-01 09:08 AM
30
wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: dex, stakater-reloader, keda, velero, nri-mssql, prometheus-beat-exporter, nri-apache, rqlite, go-bindata, vertical-pod-autoscaler, flux, go-md2man, configmap-reload, yq, newrelic-prometheus-configurator, aws-flb-cloudwatch, dagger, dgraph,...

7.5AI Score

2024-07-01 09:08 AM
28
wolfi

GHSA-M5VV-6R4H-3VJ9 vulnerabilities

Vulnerabilities for packages: bank-vaults, cosign, keda, harbor-registry, pulumi, fluent-bit-plugin-loki, teleport, velero, restic, rook, flux-image-reflector-controller, step, sops, falcoctl, traefik, flux, fulcio, sqlpad, external-secrets-operator, k8sgpt, chezmoi, goreleaser, rclone,...

7.5AI Score

2024-07-01 09:08 AM
7
wolfi

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-katib, confluent-docker-utils, k8s-sidecar, kubeflow-jupyter-web-app, kubeflow-pipelines, ggshield, py3.10-tensorflow-core, py3-idna, py3-cassandra-medusa, az, dask-gateway, jwt-tool, kubeflow-volumes-web-app,...

6.7AI Score

EPSS

2024-07-01 09:08 AM
27
wolfi

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: datadog-agent, kubeflow-katib, confluent-docker-utils, k8s-sidecar, kubeflow-jupyter-web-app, kubeflow-pipelines, ggshield, py3.10-tensorflow-core, py3-idna, py3-cassandra-medusa, az, dask-gateway, jwt-tool, kubeflow-volumes-web-app,...

7.5AI Score

2024-07-01 09:08 AM
34
wolfi

GHSA-679V-HH23-H5JH vulnerabilities

Vulnerabilities for packages: metrics-server, kind,...

7.5AI Score

2024-07-01 09:08 AM
5
Total number of security vulnerabilities: 544346