SAP NetWeaver, ABAP Platform And SAP Host Agent Security Vulnerabilities

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...

CVE-2024-28180 vulnerabilities

Vulnerabilities for packages: cilium, istio-cni, istio-pilot-discovery, zarf, istio-pilot-agent, grpc-health-probe, istio-operator, frp, flux-source-controller, rabbitmq-messaging-topology-operator, cloudflared, policy-controller, skaffold, timestamp-authority, fulcio, argo-cd, vexctl, kargo,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kyverno, node-problem-detector, prometheus-pushgateway, flux-image-reflector-controller,....

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, prometheus-alertmanager, flux-source-controller, grype, cloud-sql-proxy, kubeflow-katib, mongo-tools, zot, kubernetes, k3s, cortex, helm-push, kubescape, gitlab-shell, loki, kyverno, node-problem-detector, flux-image-reflector-controller,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, go, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, prometheus-pushgateway,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: pulumi-language-dotnet, kubernetes-csi-livenessprobe, influxd, flux-source-controller, grype, telegraf, prometheus-stackdriver-exporter, secrets-store-csi-driver, flux-helm-controller, kubeflow-katib, argo-cd, pulumi-kubernetes-operator, conftest, cortex, tctl, k3d,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: flux-source-controller, grype, kubeflow-katib, ip-masq-agent, nghttp2, cortex, tctl, gke-gcloud-auth-plugin, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, weaviate, kaf, metacontroller, prometheus-blackbox-exporter, helm, cluster-autoscaler,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, kubernetes-dashboard-metrics-scraper, grpcurl, wait-for-port, prometheus-stackdriver-exporter, ip-masq-agent, gitlab-logger, aws-flb-kinesis, petname, sonobuoy, nsc, mage, go-bindata, cortex, gke-gcloud-auth-plugin, helm-push, k3d, aactl,.....

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

GHSA-9WX4-H78V-VM56 vulnerabilities

Vulnerabilities for packages: mlflow, kubeflow-jupyter-web-app, k8s-sidecar, kubeflow-pipelines, airflow, ggshield, patroni, reflex, confluent-docker-utils, py3.10-tensorflow-core, py3-cassandra-medusa, kubeflow-volumes-web-app, az, kubeflow-katib, superset, jwt-tool,...

CVE-2024-28122 vulnerabilities

Vulnerabilities for packages: external-secrets-operator, kyverno, istio-cni, istio-pilot-discovery, istio-pilot-agent, falco, istio-operator, boring-registry, mc, falcoctl, minio,...

CVE-2024-23653 vulnerabilities

Vulnerabilities for packages: conftest, docker, guac, buildkitd, scorecard, kaniko, skaffold, kubescape, trivy, datadog-agent,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, kubernetes-dashboard-metrics-scraper, grpcurl, wait-for-port, prometheus-stackdriver-exporter, ip-masq-agent, gitlab-logger, aws-flb-kinesis, petname, sonobuoy, nsc, mage, go-bindata, cortex, gke-gcloud-auth-plugin, helm-push, k3d, aactl,.....

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, kubernetes-dashboard-metrics-scraper, grpcurl, wait-for-port, prometheus-stackdriver-exporter, ip-masq-agent, gitlab-logger, aws-flb-kinesis, petname, sonobuoy, nsc, mage, go-bindata, cortex, gke-gcloud-auth-plugin, helm-push, k3d, aactl,.....

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: logstash-exporter, gostatsd, grafana-rollout-operator, prometheus-alertmanager, direnv, flux-source-controller, policy-controller, tfsec, mongo-tools, ipfs, ip-masq-agent, harbor-registry, zot, golangci-lint, kubernetes, stern, glab, go-bindata, cortex, delve, go,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: filebeat, dagger, istio-pilot-discovery, zarf, istio-pilot-agent, policy-controller, telegraf, skaffold, flux-helm-controller, kubeflow-katib, zot, k3s, helm-operator, vexctl, traefik, kargo, tekton-pipelines, timoni, gitsign, aactl, tekton-chains, kubescape,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

CVE-2024-35195 vulnerabilities

Vulnerabilities for packages: mlflow, kubeflow-jupyter-web-app, k8s-sidecar, kubeflow-pipelines, airflow, ggshield, patroni, reflex, confluent-docker-utils, py3.10-tensorflow-core, py3-cassandra-medusa, kubeflow-volumes-web-app, az, kubeflow-katib, superset, jwt-tool,...

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, nodetaint, kubernetes-csi-driver-hostpath, local-static-provisioner, node-feature-discovery, spark-operator, calico, kubernetes-dns-node-cache, ip-masq-agent, cluster-autoscaler,...

CVE-2024-21664 vulnerabilities

Vulnerabilities for packages: vexctl, external-secrets-operator, kyverno, istio-cni, istio-pilot-discovery, istio-pilot-agent, falco, istio-operator, gitsign, boring-registry, mc, falcoctl, kubescape, minio, tekton-chains,...

GHSA-9P26-698R-W4HX vulnerabilities

Vulnerabilities for packages: conftest, docker, guac, buildkitd, scorecard, kaniko, skaffold, kubescape, trivy, datadog-agent,...

GHSA-WR6V-9F75-VH2G vulnerabilities

Vulnerabilities for packages: conftest, docker, guac, buildkitd, scorecard, kaniko, skaffold, kubescape, trivy, datadog-agent,...

GHSA-XR7R-F8XQ-VFVV vulnerabilities

Vulnerabilities for packages: runc, docker, zarf, kaniko, grype, telegraf, skaffold, zot, kubernetes, k3s, k3d, kubescape, newrelic-infrastructure-agent, kots, datadog-agent, ctop, k9s, buildkitd, cadvisor, ingress-nginx-controller, syft, wolfictl, trivy, nvidia-device-plugin, nerdctl,...

GHSA-PVCR-V8J8-J5Q3 vulnerabilities

Vulnerabilities for packages: vexctl, external-secrets-operator, kyverno, istio-cni, istio-pilot-discovery, istio-pilot-agent, falco, istio-operator, gitsign, boring-registry, mc, falcoctl, kubescape, minio, tekton-chains,...

CVE-2024-23650 vulnerabilities

Vulnerabilities for packages: conftest, docker, guac, buildkitd, scorecard, kaniko, skaffold, kubescape, trivy, datadog-agent,...

CVE-2024-23651 vulnerabilities

Vulnerabilities for packages: conftest, docker, guac, buildkitd, scorecard, kaniko, skaffold, kubescape, trivy, datadog-agent,...

GHSA-4V98-7QMW-RQR8 vulnerabilities

Vulnerabilities for packages: conftest, docker, guac, buildkitd, scorecard, kaniko, skaffold, kubescape, trivy, datadog-agent,...

GHSA-XFHP-JF8P-MH5W vulnerabilities

Vulnerabilities for packages: snyk-cli, k9s, conftest, zarf, tflint, wolfictl, terraform, terragrunt, grype, tfsec, kubescape, opentofu, kots, trivy, datadog-agent,...

CVE-2024-36039 vulnerabilities

Vulnerabilities for packages: datadog-agent,...

GHSA-V9HF-5J83-6XPP vulnerabilities

Vulnerabilities for packages: datadog-agent,...

CVE-2023-49290 vulnerabilities

Vulnerabilities for packages: vexctl, kyverno, istio-cni, istio-pilot-discovery, istio-pilot-agent, istio-operator, falco, gitsign, tekton-chains, falcoctl,...

CVE-2024-6375

A command for refining a collection shard key is missing an authorization check. This may cause the command to run directly on a shard, leading to either degradation of query performance, or to revealing chunk boundaries through timing side channels. This affects MongoDB Server v5.0 versions,...

CVE-2024-34696

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

CVE-2024-23372

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected...

CVE-2024-23373

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting...

CVE-2024-21469

Memory corruption when an invoke call and a TEE call are bound for the same trusted...

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM...

CVE-2024-21460

Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address...

CVE-2024-6375 Missing authorization check may lead to shard key refinement

A command for refining a collection shard key is missing an authorization check. This may cause the command to run directly on a shard, leading to either degradation of query performance, or to revealing chunk boundaries through timing side channels. This affects MongoDB Server v5.0 versions,...

CVE-2024-6375 Missing authorization check may lead to shard key refinement

A command for refining a collection shard key is missing an authorization check. This may cause the command to run directly on a shard, leading to either degradation of query performance, or to revealing chunk boundaries through timing side channels. This affects MongoDB Server v5.0 versions,...

CVE-2024-34696 GeoServer's Server Status shows sensitive environmental variables and Java properties

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

CVE-2024-34696 GeoServer's Server Status shows sensitive environmental variables and Java properties

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

CVE-2024-23373 Use After Free in Graphics

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting...

CVE-2024-23373 Use After Free in Graphics

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting...

CVE-2024-23372 Integer Overflow or Wraparound in Graphics

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected...

CVE-2024-23372 Integer Overflow or Wraparound in Graphics

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected...

CVE-2024-23368 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC

Memory corruption when allocating and accessing an entry in an SMEM...