WordPress Classifieds Plugin – Ad Directory & Listings By AWP Classifieds Security Vulnerabilities

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: gatekeeper, git-lfs, helm, prometheus-elasticsearch-exporter, cue, rqlite, tctl, tomcat, traefik, nvidia-device-plugin, pulumi, keda, flux-notification-controller, terraform-provider-aws, argo-cd, hey, gitness, spark-operator, kubernetes-csi-livenessprobe,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: gatekeeper, rook, melange, helm, prometheus-elasticsearch-exporter, ctop, hubble-ui, chartmuseum, newrelic-nri-kube-events, secrets-store-csi-driver-provider-aws, rqlite, vault, tctl, k8ssandra-operator, osv-scanner, traefik, grafana-agent-operator,...

CVE-2022-41723 vulnerabilities

Vulnerabilities for packages: go, hey, dynamic-localpv-provisioner, k3d, wireguard-go, gke-gcloud-auth-plugin, restic, grpcurl,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: nats-server, git-lfs, harbor-registry, cue, bazelisk, osv-scanner, aws-network-policy-agent, vexctl, prometheus-mysqld-exporter, volume-modifier-for-k8s, bincapz, keda, k9s, tfsec, gitness, chezmoi, k3d, kube-rbac-proxy, nri-haproxy, boring-registry, regclient,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: nats-server, multus-cni, git-lfs, melange, helm, lazygit, ctop, harbor-registry, hubble-ui, chartmuseum, step, extism, secrets-store-csi-driver-provider-aws, cue, osv-scanner, traefik, go, grafana-agent-operator, nvidia-device-plugin, gobump,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: nats-server, multus-cni, git-lfs, melange, helm, lazygit, ctop, harbor-registry, hubble-ui, chartmuseum, step, extism, secrets-store-csi-driver-provider-aws, cue, osv-scanner, traefik, go, grafana-agent-operator, nvidia-device-plugin, gobump,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: amass, configmap-reload, mage, sops, docker-cli, petname, aws-flb-cloudwatch, cass-operator, go-md2man, ctop, kubernetes-dashboard-metrics-scraper, gitlab-logger, render-template, cni-plugins, prometheus-stackdriver-exporter, grpcurl, nats, goreleaser, gosu,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: gatekeeper, git-lfs, helm, prometheus-elasticsearch-exporter, chartmuseum, vault, cue, rqlite, tctl, nvidia-device-plugin, pulumi, prometheus-mysqld-exporter, karpenter, keda, flux-notification-controller, external-secrets-operator, argo-cd, hey, gitness, k3d,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: gatekeeper, rook, melange, helm, prometheus-elasticsearch-exporter, ctop, hubble-ui, chartmuseum, newrelic-nri-kube-events, secrets-store-csi-driver-provider-aws, rqlite, vault, tctl, k8ssandra-operator, osv-scanner, traefik, grafana-agent-operator,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: rook, sops, py3-azure-identity, prometheus-operator, kyverno, k8sgpt, harbor-registry, py3-cassandra-medusa, step, sigstore-scaffolding, grafana-mimir, trivy, nuclei, traefik, tekton-pipelines, up, zarf, flux-kustomize-controller, goreleaser, grafana-agent-operator,...

GHSA-M5VV-6R4H-3VJ9 vulnerabilities

Vulnerabilities for packages: rook, sops, py3-azure-identity, prometheus-operator, kyverno, k8sgpt, harbor-registry, py3-cassandra-medusa, step, sigstore-scaffolding, grafana-mimir, trivy, nuclei, traefik, tekton-pipelines, up, zarf, flux-kustomize-controller, goreleaser, grafana-agent-operator,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: rook, nats-server, git-lfs, harbor-registry, bazelisk, osv-scanner, vexctl, prometheus-mysqld-exporter, volume-modifier-for-k8s, teleport, keda, k9s, hey, tfsec, gitness, chezmoi, k3d, nri-haproxy, wolfictl, boring-registry, regclient, controller-gen, cloud-sql-proxy,....

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: nats-server, git-lfs, harbor-registry, cue, bazelisk, osv-scanner, aws-network-policy-agent, vexctl, prometheus-mysqld-exporter, volume-modifier-for-k8s, bincapz, keda, k9s, tfsec, gitness, chezmoi, k3d, kube-rbac-proxy, nri-haproxy, boring-registry, regclient,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: nats-server, multus-cni, git-lfs, melange, helm, lazygit, ctop, harbor-registry, hubble-ui, chartmuseum, step, extism, secrets-store-csi-driver-provider-aws, cue, osv-scanner, traefik, go, grafana-agent-operator, nvidia-device-plugin, gobump,...

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: rook, nats-server, git-lfs, harbor-registry, bazelisk, osv-scanner, vexctl, prometheus-mysqld-exporter, volume-modifier-for-k8s, teleport, keda, k9s, hey, tfsec, gitness, chezmoi, k3d, nri-haproxy, wolfictl, boring-registry, regclient, controller-gen, cloud-sql-proxy,....

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: gatekeeper, git-lfs, helm, prometheus-elasticsearch-exporter, chartmuseum, vault, cue, rqlite, tctl, go, nvidia-device-plugin, pulumi, prometheus-mysqld-exporter, karpenter, kubernetes-dns-node-cache, keda, flux-notification-controller, external-secrets-operator,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: amass, configmap-reload, mage, sops, docker-cli, petname, aws-flb-cloudwatch, cass-operator, go-md2man, ctop, kubernetes-dashboard-metrics-scraper, gitlab-logger, render-template, cni-plugins, prometheus-stackdriver-exporter, grpcurl, nats, goreleaser, gosu,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: rook, nats-server, git-lfs, harbor-registry, bazelisk, osv-scanner, vexctl, prometheus-mysqld-exporter, volume-modifier-for-k8s, teleport, keda, k9s, hey, tfsec, gitness, chezmoi, k3d, nri-haproxy, wolfictl, boring-registry, regclient, controller-gen, cloud-sql-proxy,....

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: amass, configmap-reload, mage, sops, docker-cli, petname, aws-flb-cloudwatch, cass-operator, go-md2man, ctop, kubernetes-dashboard-metrics-scraper, gitlab-logger, render-template, cni-plugins, prometheus-stackdriver-exporter, grpcurl, nats, goreleaser, gosu,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: amass, configmap-reload, mage, sops, docker-cli, petname, aws-flb-cloudwatch, cass-operator, go-md2man, ctop, kubernetes-dashboard-metrics-scraper, gitlab-logger, render-template, cni-plugins, prometheus-stackdriver-exporter, grpcurl, nats, goreleaser, gosu,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: gatekeeper, git-lfs, helm, prometheus-elasticsearch-exporter, chartmuseum, vault, cue, rqlite, tctl, go, nvidia-device-plugin, pulumi, prometheus-mysqld-exporter, karpenter, kubernetes-dns-node-cache, keda, flux-notification-controller, external-secrets-operator,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: gatekeeper, git-lfs, helm, prometheus-elasticsearch-exporter, chartmuseum, vault, cue, rqlite, tctl, nvidia-device-plugin, pulumi, prometheus-mysqld-exporter, karpenter, keda, flux-notification-controller, external-secrets-operator, argo-cd, hey, gitness, k3d,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: gatekeeper, kubernetes-csi-external-attacher, envoy-ratelimit, helm, prometheus-adapter, gitlab-pages, prometheus-stackdriver-exporter, tctl, slsa-verifier, src, up, flux-kustomize-controller, goreleaser, nvidia-device-plugin, conftest, pulumi-language-java, pulumi,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: gatekeeper, git-lfs, helm, prometheus-elasticsearch-exporter, cue, rqlite, tctl, tomcat, traefik, nvidia-device-plugin, pulumi, keda, flux-notification-controller, terraform-provider-aws, argo-cd, hey, gitness, spark-operator, kubernetes-csi-livenessprobe,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: nats-server, multus-cni, git-lfs, melange, helm, lazygit, ctop, harbor-registry, hubble-ui, chartmuseum, step, extism, secrets-store-csi-driver-provider-aws, cue, osv-scanner, traefik, go, grafana-agent-operator, nvidia-device-plugin, gobump,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: rook, nats-server, git-lfs, harbor-registry, bazelisk, osv-scanner, vexctl, prometheus-mysqld-exporter, volume-modifier-for-k8s, teleport, keda, k9s, hey, tfsec, gitness, chezmoi, k3d, nri-haproxy, wolfictl, boring-registry, regclient, controller-gen, cloud-sql-proxy,....

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: gatekeeper, nats-server, helm, prometheus-elasticsearch-exporter, lazygit, ctop, hubble-ui, chartmuseum, cni-plugins, nri-rabbitmq, secrets-store-csi-driver-provider-aws, cue, rqlite, bazelisk, tctl, k8ssandra-operator, nvidia-device-plugin, pulumi,...

GHSA-XR7R-F8XQ-VFVV vulnerabilities

Vulnerabilities for packages: ctop, docker, trivy, ingress-nginx-controller, cadvisor, zarf, nvidia-device-plugin, kubernetes, kaniko, grype, datadog-agent, k9s, telegraf, k3d, kots, k3s, wolfictl, newrelic-infrastructure-agent, buildkitd, skaffold, syft, skopeo, runc, kubescape, nerdctl,...

CVE-2024-5289 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting in Google Maps Widget

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget parameters in all versions up to, and including, 3.2.42 due to insufficient input sanitization and output escaping. This makes it possible....

CVE-2024-6054 Auto Featured Image <= 1.2 - Authenticated (Contributor+) Arbitrary File Upload

The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with contributor-level and above....

CVE-2024-35156

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-31912

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-31919

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-35155

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

CVE-2024-35116

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

Security Bulletin: IBM MQ is vulnerable to a denial of service attack (CVE-2024-35116)

Summary IBM MQ has addressed a denial of service vulnerability. Vulnerability Details CVEID: CVE-2024-35116 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack caused by an error applying configuration changes. CVSS Base score: 5.9 CVSS Temporal Score: See: ...

Security Bulletin: IBM MQ Console is affected by a password disclosure vulnerability (CVE-2024-35155)

Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ Console. Vulnerability Details CVEID: CVE-2024-35155 DESCRIPTION: IBM MQ Console could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...

Security Bulletin: IBM MQ is affected by a password disclosure vulnerability (CVE-2024-35156)

Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ REST API. Vulnerability Details CVEID: CVE-2024-35156 DESCRIPTION: IBM MQ could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

Security Bulletin: IBM MQ is affected by a vulnerability in Eclipse Jetty (CVE-2024-22201)

Summary An issue was found in Eclipse Jetty that is shipped with the IBM MQ Explorer. Vulnerability Details CVEID: CVE-2024-22201 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by a flaw when an HTTP/2 connection gets TCP congested. By sending a specially crafted request,.....

Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Runtime Environment, Java Technology Edition (CVE-2024-21085)

Summary An issue was identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ. Vulnerability Details CVEID: CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low...

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty

Summary Multiple issues were identified with IBM WebSphere Application Server Liberty, which IBM MQ ships and uses to supply IBM MQ Console and IBM MQ REST API functionality. Vulnerability Details CVEID: CVE-2024-25026 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere...

Security Bulletin: IBM MQ is vulnerable to a denial of service attack (CVE-2024-31919)

Summary IBM MQ has addressed a denial of service vulnerability caused by an error processing messages when an API Exit using MQBUFMH is used. Vulnerability Details CVEID: CVE-2024-31919 DESCRIPTION: IBM MQ, in certain configurations, is vulnerable to a denial of service attack caused by an error...