sz-fpi.com Cross Site Scripting vulnerability OBB-3934023
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
supertower.com.sg Cross Site Scripting vulnerability OBB-3934018
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
sumka-koshelek.ru Cross Site Scripting vulnerability OBB-3934015
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
sunshinecoastwalks.com Cross Site Scripting vulnerability OBB-3934016
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
stripe-club.com Cross Site Scripting vulnerability OBB-3934013
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
stertil-koni.com Cross Site Scripting vulnerability OBB-3934009
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
CVE-2024-5772 Netentsec NS-ASG Application Security Gateway deleteiscuser.php sql injection
A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /protocol/iscuser/deleteiscuser.php. The manipulation of the argument messagecontent leads to sql injection. The attack may....
6.3CVSS
nkmaringa.com.br Cross Site Scripting vulnerability OBB-3934003
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
CVE-2024-5771 LabVantage LIMS POST Request sql injection
A vulnerability classified as critical was found in LabVantage LIMS 2017. This vulnerability affects unknown code of the file /labvantage/rc?command=page&page=SampleList&_iframename=list of the component POST Request Handler. The manipulation of the argument param1 leads to sql injection. The...
6.3CVSS
kenoshi.com Cross Site Scripting vulnerability OBB-3933999
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: nginx-stable, cilium-envoy, kpt, dotnet, gitlab-pages, pulumi, prometheus-elasticsearch-exporter, influxd, tomcat, cluster-autoscaler, hey, prometheus-adapter, nginx-mainline, cosign, nats, argo-cd, memcached-exporter, src, mc, wireguard-go,...
7.5CVSS
9AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: boring-registry, nfs-subdir-external-provisioner, istio-pilot-agent, kubernetes-csi-driver-hostpath, kpt, prometheus-mongodb-exporter, gitlab-pages, newrelic-nri-kube-events, rclone, pulumi, docker-compose, prometheus-elasticsearch-exporter, istio-operator, influxd,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: buildkitd, kaniko, telegraf, wolfictl, zot, runc, kubernetes, kots, k9s, docker, datadog-agent, newrelic-infrastructure-agent, skopeo, ingress-nginx-controller, trivy, zarf, nerdctl, k3d, ctop, cadvisor, k3s, nvidia-device-plugin, kubescape, skaffold, syft,...
8.6CVSS
9.2AI Score
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: kaniko, telegraf, up, neuvector-agent, zot, flux-helm-controller, gitness, kubevela, kots, fuse-overlayfs-snapshotter, melange, flux-source-controller, helm, eksctl, newrelic-infrastructure-agent, tekton-pipelines, k3d, cert-manager, helm-push, ctop, cilium-cli,...
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, cni-plugins, kor, nri-nginx, helm-operator, gitlab-logger, k8ssandra-operator,...
6.7AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...
7.2AI Score
Vulnerabilities for packages: nfs-subdir-external-provisioner, kpt, prometheus-mongodb-exporter, gitlab-pages, pulumi, prometheus-elasticsearch-exporter, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, hey, prometheus-adapter, prometheus-node-exporter,...
6.1CVSS
7.2AI Score
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: buildkitd, gitlab-runner, kyverno, slsa-verifier, filebeat, istio-pilot-agent, telegraf, up, zot, flux-helm-controller, tekton-chains, kubevela, kots, k9s, kargo, pulumi, goreleaser, skaffold, docker-credential-gcr, falco, helm, bom, datadog-agent, traefik, eksctl,...
7.8CVSS
7.4AI Score
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: boring-registry, nfs-subdir-external-provisioner, istio-pilot-agent, kubernetes-csi-driver-hostpath, kpt, prometheus-mongodb-exporter, gitlab-pages, newrelic-nri-kube-events, rclone, pulumi, docker-compose, prometheus-elasticsearch-exporter, istio-operator, influxd,...
6.5AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, cni-plugins, kor, nri-nginx, helm-operator, gitlab-logger, k8ssandra-operator,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...
7.2AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: nfs-subdir-external-provisioner, istio-pilot-agent, kpt, prometheus-mongodb-exporter, go, gitlab-pages, kubernetes-ingress-defaultbackend, pulumi, prometheus-elasticsearch-exporter, istio-operator, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, hey,...
7.5CVSS
8.4AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: nfs-subdir-external-provisioner, kpt, prometheus-mongodb-exporter, gitlab-pages, pulumi, prometheus-elasticsearch-exporter, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, hey, prometheus-adapter, prometheus-node-exporter,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: nfs-subdir-external-provisioner, istio-pilot-agent, kpt, prometheus-mongodb-exporter, go, gitlab-pages, kubernetes-ingress-defaultbackend, pulumi, prometheus-elasticsearch-exporter, istio-operator, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, hey,...
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: nginx-stable, cilium-envoy, kpt, dotnet, gitlab-pages, pulumi, prometheus-elasticsearch-exporter, influxd, tomcat, cluster-autoscaler, hey, prometheus-adapter, nginx-mainline, cosign, nats, argo-cd, memcached-exporter, src, mc, wireguard-go,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.5AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: buildkitd, gitlab-runner, kyverno, slsa-verifier, filebeat, istio-pilot-agent, telegraf, up, zot, flux-helm-controller, tekton-chains, kubevela, kots, k9s, kargo, pulumi, goreleaser, skaffold, docker-credential-gcr, falco, helm, bom, datadog-agent, traefik, eksctl,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...
7.8AI Score
GHSA-XR7R-F8XQ-VFVV vulnerabilities
Vulnerabilities for packages: buildkitd, kaniko, telegraf, wolfictl, zot, runc, kubernetes, kots, k9s, docker, datadog-agent, newrelic-infrastructure-agent, skopeo, ingress-nginx-controller, trivy, zarf, nerdctl, k3d, ctop, cadvisor, k3s, nvidia-device-plugin, kubescape, skaffold, syft,...
7.5AI Score
hennweb.de Cross Site Scripting vulnerability OBB-3933997
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
CVE-2024-4146 Improper Authorization in lunary-ai/lunary
In lunary-ai/lunary version v1.2.13, an improper authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the checkProjectAccess method within the...
9.8CVSS
baltimorepc.org Cross Site Scripting vulnerability OBB-3933995
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
CVE-2024-4680 Insufficient Session Expiration in zenml-io/zenml
A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the.....
3.9CVSS