Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure And Networking Security Vulnerabilities

CVE-2024-22151

Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through...

CVE-2024-22151

Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through...

CVE-2024-22151 WordPress Import and export users and customers plugin <= 1.24.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: minio, nghttp2, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, kubewatch, thanos, metacontroller, kubernetes-csi-node-driver-registrar, memcached-exporter, kubeflow-katib, flux-helm-controller, gitlab-runner, amass, helm, grype,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: k3s, minio, zot, clusterctl, kots, opentofu, kaf, keda, kubernetes-csi-livenessprobe, kor, terraform-provider-google, istio-operator, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, restic, metacontroller, metallb,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: k3s, zot, kots, k9s, nerdctl, ingress-nginx-controller, runc, k3d, kubernetes, trivy, datadog-agent, cadvisor, kubescape, buildkitd, nvidia-device-plugin, wolfictl, skopeo, kaniko, telegraf, ctop, syft, grype, zarf, docker, skaffold,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: cert-manager, zot, neuvector-agent, tekton-pipelines, kots, helm-push, up, k3d, trivy, kubescape, eksctl, flux-helm-controller, kaniko, telegraf, cilium-cli, ctop, gitness, helm, grype, kubevela, melange, fuse-overlayfs-snapshotter, skaffold, flux-source-controller,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: k3s, minio, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, kor, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, tkn, cfssl, kubeflow-katib, flux-helm-controller,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: k3s, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, cfssl, kubeflow-katib, flux-helm-controller, aws-load-balancer-controller, mongo-tools,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: k3s, minio, zot, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, yq, kubewatch, k3d, thanos, flux, metacontroller, kubernetes-csi-node-driver-registrar, kube-state-metrics, tkn, memcached-exporter, kubeflow-katib, flux-helm-controller, gitlab-runner,....

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: k3s, cert-manager, zot, vexctl, loki, kots, k8sgpt, k9s, nerdctl, tekton-pipelines, traefik, falcoctl, tekton-chains, istio-pilot-agent, filebeat, up, cosign, dagger, trivy, cadvisor, datadog-agent, crane, eksctl, istio-pilot-discovery, kubescape,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: k3s, minio, zot, clusterctl, kots, opentofu, kaf, keda, kubernetes-csi-livenessprobe, kor, terraform-provider-google, istio-operator, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, restic, metacontroller, metallb,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: k3s, minio, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, kor, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, tkn, cfssl, kubeflow-katib, flux-helm-controller,...

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: k3s, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, cfssl, kubeflow-katib, flux-helm-controller, aws-load-balancer-controller, mongo-tools,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: k3s, minio, zot, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, yq, istio-operator, kubewatch, k3d, thanos, flux, metacontroller, kubernetes-csi-node-driver-registrar, kube-state-metrics, tkn, memcached-exporter, kubeflow-katib,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: k3s, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, cfssl, kubeflow-katib, flux-helm-controller, aws-load-balancer-controller, mongo-tools,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: k3s, minio, zot, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, yq, kubewatch, k3d, thanos, flux, metacontroller, kubernetes-csi-node-driver-registrar, kube-state-metrics, tkn, memcached-exporter, kubeflow-katib, flux-helm-controller, gitlab-runner,....

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: k3s, minio, zot, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, yq, istio-operator, kubewatch, k3d, thanos, flux, metacontroller, kubernetes-csi-node-driver-registrar, kube-state-metrics, tkn, memcached-exporter, kubeflow-katib,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: minio, nghttp2, kots, opentofu, kaf, git-lfs, keda, kubernetes-csi-livenessprobe, kubewatch, thanos, metacontroller, kubernetes-csi-node-driver-registrar, memcached-exporter, kubeflow-katib, flux-helm-controller, gitlab-runner, amass, helm, grype,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

GHSA-XR7R-F8XQ-VFVV vulnerabilities

Vulnerabilities for packages: k3s, zot, kots, k9s, nerdctl, ingress-nginx-controller, runc, k3d, kubernetes, trivy, datadog-agent, cadvisor, kubescape, buildkitd, nvidia-device-plugin, wolfictl, skopeo, kaniko, telegraf, ctop, syft, grype, zarf, docker, skaffold,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: k3s, nri-mongodb, helm-push, go-md2man, git-lfs, kaf, keda, kubernetes-csi-livenessprobe, thanos, metacontroller, metallb, newrelic-prometheus-configurator, nri-couchbase, cfssl, kubeflow-katib, flux-helm-controller, aws-load-balancer-controller, mongo-tools,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: k3s, cert-manager, zot, vexctl, loki, kots, k8sgpt, k9s, nerdctl, tekton-pipelines, traefik, falcoctl, tekton-chains, istio-pilot-agent, filebeat, up, cosign, dagger, trivy, cadvisor, datadog-agent, crane, eksctl, istio-pilot-discovery, kubescape,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: govulncheck, k3s, minio, clusterctl, nri-mongodb, nri-nagios, opentofu, helm-push, go-md2man, kaf, keda, kubernetes-csi-livenessprobe, nri-rabbitmq, yq, kor, kubewatch, k3d, rabbitmq-cluster-operator, thanos, flux, local-path-provisioner, metallb,...

CVE-2023-45707

HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional...

CVE-2023-45707

HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional...

CVE-2023-45707 HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS)

HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional...

CVE-2024-37408

fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pam_fprintd.so" for...

CVE-2024-37408

fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pam_fprintd.so" for...

ommouldings.com Cross Site Scripting vulnerability OBB-3933911

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-36969

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...

CVE-2024-36970

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use request_module_nowait This appears to work around a deadlock regression that came in with the LED merge in 6.9. The deadlock happens on my system with 24 iwlwifi radios, so maybe it something like all worker...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in...

CVE-2024-36967

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error...

CVE-2024-36969

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...

CVE-2024-36968

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev-&gt;le_mtu may not fall in the valid range. Move MTU from hci_dev to hci_conn to...

CVE-2024-36967

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error...

CVE-2024-36970

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use request_module_nowait This appears to work around a deadlock regression that came in with the LED merge in 6.9. The deadlock happens on my system with 24 iwlwifi radios, so maybe it something like all worker...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurp_central_directory in...

CVE-2024-36968

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev-&gt;le_mtu may not fall in the valid range. Move MTU from hci_dev to hci_conn to...

CVE-2024-35750

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through...

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the....