Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure And Networking Security Vulnerabilities

CVE-2024-36405

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...

CVE-2024-36405 Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...

CVE-2024-36405 Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing lean has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for -Os, -O1, and other...

edugroup.at Cross Site Scripting vulnerability OBB-3934454

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

daz.schule.at Cross Site Scripting vulnerability OBB-3934450

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

lbv.de Cross Site Scripting vulnerability OBB-3934448

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Using Electronic Health Records (EHRs) for Healthcare Data Extraction

Electronic health records (EHRs) have become crucial tools for storing and managing patient information. These digital records...

Exploiting Mistyped URLs

Interesting research: "Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains": Abstract: Web users often follow hyperlinks hastily, expecting them to be correctly programmed. However, it is possible those links contain typos or other mistakes. By discovering active but erroneous...

caetanobavierabmw.pt Cross Site Scripting vulnerability OBB-3934443

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

businessrescueexpert.co.uk Cross Site Scripting vulnerability OBB-3934440

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

businessbroker.net Improper Access Control vulnerability OBB-3934439

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

cordenperimetersystems.co.uk Cross Site Scripting vulnerability OBB-3934434

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

fjaproducts.com Cross Site Scripting vulnerability OBB-3934435

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

indre44.fr Cross Site Scripting vulnerability OBB-3934433

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

changepeople.org Cross Site Scripting vulnerability OBB-3934432

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

events.armybenevolentfund.org Cross Site Scripting vulnerability OBB-3934430

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Bypassing 2FA with phishing and OTP bots

Introduction Two-factor authentication (2FA) is a security feature we have come to expect as standard by 2024. Most of today's websites offer some form of it, and some of them won't even let you use their service until you enable 2FA. Individual countries have adopted laws that require certain...

buboquote.com Cross Site Scripting vulnerability OBB-3934423

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

brookstradingcourse.com Cross Site Scripting vulnerability OBB-3934421

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

brooksplace.org Cross Site Scripting vulnerability OBB-3934417

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

florisbooks.co.uk Cross Site Scripting vulnerability OBB-3934416

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: zarf, ctop, k3d, telegraf, skaffold, nvidia-device-plugin, grype, kubescape, skopeo, k9s, nerdctl, newrelic-infrastructure-agent, zot, wolfictl, syft, runc, kaniko, buildkitd, k3s, trivy, datadog-agent, kubernetes, docker, cadvisor, kots,...

GHSA-7WW5-4WQC-M92C vulnerabilities

Vulnerabilities for packages: eksctl, ctop, k3d, helm, telegraf, skaffold, cert-manager, grype, kubescape, kubevela, newrelic-infrastructure-agent, up, flux-helm-controller, zot, gitness, helm-push, tekton-pipelines, kaniko, trivy, melange, cilium-cli, flux-source-controller,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: kubevela, dynamic-localpv-provisioner, haproxy-ingress, prometheus-blackbox-exporter, terraform-provider-azurerm, nats, dotnet, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter, minio, tomcat, falco, kaf, gitlab-runner,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, argo-workflows, litefs, runc, vexctl, hubble-ui, golangci-lint, kubevela, k9s, dynamic-localpv-provisioner, nerdctl, weaviate, haproxy-ingress, flux-image-automation-controller, terraform-provider-azurerm, kustomize,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: nuclei, falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, nerdctl, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: prometheus-operator, kubevela, dynamic-localpv-provisioner, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, zot, chartmuseum, secrets-store-csi-driver, oauth2-proxy, prometheus-elasticsearch-exporter, prometheus-mongodb-exporter,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: eksctl, zarf, istio-pilot-agent, prometheus, ctop, kargo, argo-workflows, helm, telegraf, gitsign, docker-credential-gcr, vexctl, skaffold, skopeo, cert-manager, kubescape, kyverno, falcoctl, loki, kubevela, k9s, nerdctl, newrelic-infrastructure-agent, dagger, up,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, argo-workflows, litefs, runc, vexctl, hubble-ui, golangci-lint, kubevela, k9s, dynamic-localpv-provisioner, nerdctl, weaviate, haproxy-ingress, flux-image-automation-controller, terraform-provider-azurerm, kustomize,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: nuclei, falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, nerdctl, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: prometheus-operator, kubevela, dynamic-localpv-provisioner, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, nats, zot, chartmuseum, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: kubevela, dynamic-localpv-provisioner, haproxy-ingress, prometheus-blackbox-exporter, terraform-provider-azurerm, nats, dotnet, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter, minio, tomcat, falco, kaf, gitlab-runner,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, nerdctl, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: prometheus-operator, kubevela, dynamic-localpv-provisioner, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, zot, chartmuseum, secrets-store-csi-driver, oauth2-proxy, prometheus-elasticsearch-exporter, prometheus-mongodb-exporter,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: prometheus-operator, kubevela, dynamic-localpv-provisioner, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, nats, zot, chartmuseum, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: falcosidekick, wire-go, golangci-lint, kubevela, k9s, kubebuilder, nerdctl, terraform-provider-azurerm, cluster-proportional-autoscaler, protoc-gen-go, mods, go-fips, kyverno-policy-reporter-ui, prometheus-elasticsearch-exporter, mongo-tools, addon-resizer,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: eksctl, zarf, istio-pilot-agent, prometheus, ctop, kargo, argo-workflows, helm, telegraf, gitsign, docker-credential-gcr, vexctl, skaffold, skopeo, cert-manager, kubescape, kyverno, falcoctl, loki, kubevela, k9s, nerdctl, newrelic-infrastructure-agent, dagger, up,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, wire-go, litefs, runc, vexctl, ytt, hubble-ui, govulncheck, golangci-lint, kubevela, kubebuilder, dynamic-localpv-provisioner, nerdctl, haproxy-ingress, flux-image-automation-controller, prometheus-blackbox-exporter, kustomize, tailscale,.....

GHSA-XR7R-F8XQ-VFVV vulnerabilities

Vulnerabilities for packages: zarf, ctop, k3d, telegraf, skaffold, nvidia-device-plugin, grype, kubescape, skopeo, k9s, nerdctl, newrelic-infrastructure-agent, zot, wolfictl, syft, runc, kaniko, buildkitd, k3s, trivy, datadog-agent, kubernetes, docker, cadvisor, kots,...