Missing Authorization vulnerability in Codection Import and export users and customers. This issue affects Import and export users and customers: from n/a through...
5.3 CVSS
7.3 AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: minio, nghttp2, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, kubewatch, thanos, metacontroller, kubernetes-csi-node-driver-registrar, memcached-exporter, kubeflow-katib, flux-helm-controller, gitlab-runner, amass, helm, grype,...
7.5 CVSS
9 AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: k3s, minio, zot, clusterctl, kots, opentofu, kaf, keda, kubernetes-csi-livenessprobe, kor, terraform-provider-google, istio-operator, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, restic, metacontroller, metallb,...
7.5 AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.8 AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: k3s, zot, kots, k9s, nerdctl, ingress-nginx-controller, runc, k3d, kubernetes, trivy, datadog-agent, cadvisor, kubescape, buildkitd, nvidia-device-plugin, wolfictl, skopeo, kaniko, telegraf, ctop, syft, grype, zarf, docker, skaffold,...
8.6 CVSS
9.2 AI Score
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: cert-manager, zot, neuvector-agent, tekton-pipelines, kots, helm-push, up, k3d, trivy, kubescape, eksctl, flux-helm-controller, kaniko, telegraf, cilium-cli, ctop, gitness, helm, grype, kubevela, melange, fuse-overlayfs-snapshotter, skaffold, flux-source-controller,...
7.5 AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: k3s, minio, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, kor, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, tkn, cfssl, kubeflow-katib, flux-helm-controller,...
6.7 AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: k3s, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, cfssl, kubeflow-katib, flux-helm-controller, aws-load-balancer-controller, mongo-tools,...
7.2 AI Score
Vulnerabilities for packages: k3s, minio, zot, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, yq, kubewatch, k3d, thanos, flux, metacontroller, kubernetes-csi-node-driver-registrar, kube-state-metrics, tkn, memcached-exporter, kubeflow-katib, flux-helm-controller, gitlab-runner,....
6.1 CVSS
7.2 AI Score
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: k3s, cert-manager, zot, vexctl, loki, kots, k8sgpt, k9s, nerdctl, tekton-pipelines, traefik, falcoctl, tekton-chains, istio-pilot-agent, filebeat, up, cosign, dagger, trivy, cadvisor, datadog-agent, crane, eksctl, istio-pilot-discovery, kubescape,...
7.8 CVSS
7.4 AI Score
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: k3s, minio, zot, clusterctl, kots, opentofu, kaf, keda, kubernetes-csi-livenessprobe, kor, terraform-provider-google, istio-operator, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, restic, metacontroller, metallb,...
6.5 AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.8 AI Score
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.5 AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.5 AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.5 AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: k3s, minio, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, kor, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, tkn, cfssl, kubeflow-katib, flux-helm-controller,...
7.5 AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: k3s, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, cfssl, kubeflow-katib, flux-helm-controller, aws-load-balancer-controller, mongo-tools,...
7.2 AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: k3s, minio, zot, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, yq, istio-operator, kubewatch, k3d, thanos, flux, metacontroller, kubernetes-csi-node-driver-registrar, kube-state-metrics, tkn, memcached-exporter, kubeflow-katib,...
7.5 CVSS
8.4 AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.5 AI Score
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: k3s, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, cfssl, kubeflow-katib, flux-helm-controller, aws-load-balancer-controller, mongo-tools,...
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: k3s, minio, zot, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, yq, kubewatch, k3d, thanos, flux, metacontroller, kubernetes-csi-node-driver-registrar, kube-state-metrics, tkn, memcached-exporter, kubeflow-katib, flux-helm-controller, gitlab-runner,....
7.5 AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: k3s, minio, zot, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, yq, istio-operator, kubewatch, k3d, thanos, flux, metacontroller, kubernetes-csi-node-driver-registrar, kube-state-metrics, tkn, memcached-exporter, kubeflow-katib,...
7.5 AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: minio, nghttp2, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, kubewatch, thanos, metacontroller, kubernetes-csi-node-driver-registrar, memcached-exporter, kubeflow-katib, flux-helm-controller, gitlab-runner, amass, helm, grype,...
7.5 AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.8 AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.8 AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.5 AI Score
GHSA-XR7R-F8XQ-VFVV vulnerabilities
Vulnerabilities for packages: k3s, zot, kots, k9s, nerdctl, ingress-nginx-controller, runc, k3d, kubernetes, trivy, datadog-agent, cadvisor, kubescape, buildkitd, nvidia-device-plugin, wolfictl, skopeo, kaniko, telegraf, ctop, syft, grype, zarf, docker, skaffold,...
7.5 AI Score
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: k3s, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, cfssl, kubeflow-katib, flux-helm-controller, aws-load-balancer-controller, mongo-tools,...
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: k3s, cert-manager, zot, vexctl, loki, kots, k8sgpt, k9s, nerdctl, tekton-pipelines, traefik, falcoctl, tekton-chains, istio-pilot-agent, filebeat, up, cosign, dagger, trivy, cadvisor, datadog-agent, crane, eksctl, istio-pilot-discovery, kubescape,...
7.5 AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...
7.8 AI Score
HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional...
4.4 CVSS
CVE-2023-45707 HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS)
HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional...
4.4 CVSS
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pam_fprintd.so" for...
ommouldings.com Cross Site Scripting vulnerability OBB-3933911
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use request_module_nowait This appears to work around a deadlock regression that came in with the LED merge in 6.9. The deadlock happens on my system with 24 iwlwifi radios, so maybe it something like all worker...
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in...
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error...
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev->le_mtu may not fall in the valid range. Move MTU from hci_dev to hci_conn to...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album. This issue affects Responsive Image Gallery, Gallery Album: from n/a through...
8.5 CVSS
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the....