liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing leak has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...
5.9CVSS
EPSS
edugroup.at Cross Site Scripting vulnerability OBB-3934454
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
daz.schule.at Cross Site Scripting vulnerability OBB-3934450
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
lbv.de Cross Site Scripting vulnerability OBB-3934448
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Using Electronic Health Records (EHRs) for Healthcare Data Extraction
Electronic health records (EHRs) have become crucial tools for storing and managing patient information. These digital records...
Interesting research: "Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains": Abstract: Web users often follow hyperlinks hastily, expecting them to be correctly programmed. However, it is possible those links contain typos or other mistakes. By discovering active but erroneous...
caetanobavierabmw.pt Cross Site Scripting vulnerability OBB-3934443
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
businessrescueexpert.co.uk Cross Site Scripting vulnerability OBB-3934440
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
businessbroker.net Improper Access Control vulnerability OBB-3934439
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
cordenperimetersystems.co.uk Cross Site Scripting vulnerability OBB-3934434
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
fjaproducts.com Cross Site Scripting vulnerability OBB-3934435
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
indre44.fr Cross Site Scripting vulnerability OBB-3934433
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
changepeople.org Cross Site Scripting vulnerability OBB-3934432
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
events.armybenevolentfund.org Cross Site Scripting vulnerability OBB-3934430
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
Bypassing 2FA with phishing and OTP bots
Introduction Two-factor authentication (2FA) is a security feature we have come to expect as standard by 2024. Most of today's websites offer some form of it, and some of them won't even let you use their service until you enable 2FA. Individual countries have adopted laws that require certain...
buboquote.com Cross Site Scripting vulnerability OBB-3934423
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
brookstradingcourse.com Cross Site Scripting vulnerability OBB-3934421
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
brooksplace.org Cross Site Scripting vulnerability OBB-3934417
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
florisbooks.co.uk Cross Site Scripting vulnerability OBB-3934416
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: zarf, ctop, k3d, telegraf, skaffold, nvidia-device-plugin, grype, kubescape, skopeo, k9s, nerdctl, newrelic-infrastructure-agent, zot, wolfictl, syft, runc, kaniko, buildkitd, k3s, trivy, datadog-agent, kubernetes, docker, cadvisor, kots,...
8.6CVSS
9.2AI Score
0.051EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: eksctl, ctop, k3d, helm, telegraf, skaffold, cert-manager, grype, kubescape, kubevela, newrelic-infrastructure-agent, up, flux-helm-controller, zot, gitness, helm-push, tekton-pipelines, kaniko, trivy, melange, cilium-cli, flux-source-controller,...
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: kubevela, dynamic-localpv-provisioner, haproxy-ingress, prometheus-blackbox-exporter, terraform-provider-azurerm, nats, dotnet, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter, minio, tomcat, falco, kaf, gitlab-runner,...
7.5CVSS
9AI Score
0.732EPSS
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.8AI Score
0.0004EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, argo-workflows, litefs, runc, vexctl, hubble-ui, golangci-lint, kubevela, k9s, dynamic-localpv-provisioner, nerdctl, weaviate, haproxy-ingress, flux-image-automation-controller, terraform-provider-azurerm, kustomize,...
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: nuclei, falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...
6.8AI Score
0.0004EPSS
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, nerdctl, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...
7.2AI Score
0.0004EPSS
Vulnerabilities for packages: prometheus-operator, kubevela, dynamic-localpv-provisioner, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, zot, chartmuseum, secrets-store-csi-driver, oauth2-proxy, prometheus-elasticsearch-exporter, prometheus-mongodb-exporter,...
6.1CVSS
7.2AI Score
0.001EPSS
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: eksctl, zarf, istio-pilot-agent, prometheus, ctop, kargo, argo-workflows, helm, telegraf, gitsign, docker-credential-gcr, vexctl, skaffold, skopeo, cert-manager, kubescape, kyverno, falcoctl, loki, kubevela, k9s, nerdctl, newrelic-infrastructure-agent, dagger, up,...
7.8CVSS
7.5AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, argo-workflows, litefs, runc, vexctl, hubble-ui, golangci-lint, kubevela, k9s, dynamic-localpv-provisioner, nerdctl, weaviate, haproxy-ingress, flux-image-automation-controller, terraform-provider-azurerm, kustomize,...
6.6AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: nuclei, falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, nerdctl, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...
7.2AI Score
0.0004EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: prometheus-operator, kubevela, dynamic-localpv-provisioner, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, nats, zot, chartmuseum, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter,...
7.5CVSS
8.4AI Score
0.002EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: kubevela, dynamic-localpv-provisioner, haproxy-ingress, prometheus-blackbox-exporter, terraform-provider-azurerm, nats, dotnet, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter, minio, tomcat, falco, kaf, gitlab-runner,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.8AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.8AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.5AI Score
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, nerdctl, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: prometheus-operator, kubevela, dynamic-localpv-provisioner, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, zot, chartmuseum, secrets-store-csi-driver, oauth2-proxy, prometheus-elasticsearch-exporter, prometheus-mongodb-exporter,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: prometheus-operator, kubevela, dynamic-localpv-provisioner, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, nats, zot, chartmuseum, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter,...
7.5AI Score
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, nerdctl, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: eksctl, zarf, istio-pilot-agent, prometheus, ctop, kargo, argo-workflows, helm, telegraf, gitsign, docker-credential-gcr, vexctl, skaffold, skopeo, cert-manager, kubescape, kyverno, falcoctl, loki, kubevela, k9s, nerdctl, newrelic-infrastructure-agent, dagger, up,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....
7.8AI Score
0.0004EPSS
GHSA-XR7R-F8XQ-VFVV vulnerabilities
Vulnerabilities for packages: zarf, ctop, k3d, telegraf, skaffold, nvidia-device-plugin, grype, kubescape, skopeo, k9s, nerdctl, newrelic-infrastructure-agent, zot, wolfictl, syft, runc, kaniko, buildkitd, k3s, trivy, datadog-agent, kubernetes, docker, cadvisor, kots,...
7.5AI Score