This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The process and objective is simple we can get a clear perspective view on the packages installed by APT (currently working on implementing this for RPM and other package managers). This is.....
In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: fix loss of young/dirty bits during pagemap scan make_uffd_wp_pte() was previously doing: pte = ptep_get(ptep); ptep_modify_prot_start(ptep); pte = pte_mkuffd_wp(pte); ptep_modify_prot_commit(ptep, pte); But if...
In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which syzbot reported [1]. [1] BUG: KCSAN: data-race in sk_psock_drop /...
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks. Integration for Contact Form 7 and Constant Contact.This issue affects Integration for Contact Form 7 and Constant Contact: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Wishlist allows Stored XSS.This issue affects YITH WooCommerce Wishlist: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through...
CVE-2024-34767 WordPress ShopLentor plugin <= 2.8.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes ShopLentor allows Stored XSS.This issue affects ShopLentor: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in cyclonetheme Elegant Blocks allows Stored XSS.This issue affects Elegant Blocks: from n/a through...
CVE-2024-34770 WordPress Popup Maker WP plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Popup Maker Popup Maker WP allows Stored XSS.This issue affects Popup Maker WP: from n/a through...
Technology was once simply a tool--and a small one at that--used to amplify human intent and capacity. That was the story of the industrial revolution: we could control nature and build large, complex human societies, and the more we employed and mastered technology, the better things got. We...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Hait Post Grid Elementor Addon allows Stored XSS.This issue affects Post Grid Elementor Addon: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hans van Eijsden,niwreg ImageMagick Sharpen Resized Images allows Stored XSS.This issue affects ImageMagick Sharpen Resized Images: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpbean WPB Elementor Addons allows Stored XSS.This issue affects WPB Elementor Addons: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kharim Tomlinson WP Next Post Navi allows Stored XSS.This issue affects WP Next Post Navi: from n/a through...
CVE-2024-34794 WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tainacan.Org Tainacan allows Reflected XSS.This issue affects Tainacan: from n/a through...
CVE-2024-34795 WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tainacan.Org Tainacan allows Stored XSS.This issue affects Tainacan: from n/a through...
CVE-2024-34796 WordPress PopupAlly plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAlly: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Benoit Mercusot Simple Popup Manager allows Stored XSS.This issue affects Simple Popup Manager: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mervin Praison Praison SEO WordPress allows Stored XSS.This issue affects Praison SEO WordPress: from n/a through...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Foliovision FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through...
CVE-2024-35630 WordPress WP TripAdvisor Review Slider plugin <= 12.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LJ Apps WP TripAdvisor Review Slider allows Blind SQL Injection.This issue affects WP TripAdvisor Review Slider: from n/a through...
CVE-2024-34754 WordPress Contact Form Widget plugin <= 1.3.9 - Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Contact Form Widget.This issue affects Contact Form Widget: from n/a through...
Insertion of Sensitive Information into Log File vulnerability in Lukman Nakib Debug Log – Manger Tool.This issue affects Debug Log – Manger Tool: from n/a through...
CVE-2024-34803 WordPress Fastly plugin <= 1.2.25 - Broken Access Control vulnerability
Missing Authorization vulnerability in Fastly.This issue affects Fastly: from n/a through...
CVE-2023-43544 Use After Free in Audio
Memory corruption when IPC callback handle is used after it has been released during register callback by another...
Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a through...
Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through...
IT threat evolution in Q1 2024. Mobile statistics
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Quarterly figures According to Kaspersky Security Network, in Q1 2024: 10.1 million attacks using malware, adware, or unwanted mobile software were blocked. The most...
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Targeted attacks Operation Triangulation: the final mystery Last June, we published a series of reports on Operation Triangulation, a previously unknown iOS malware...
0.003EPSS
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: docker, k9s, wolfictl, zot, cadvisor, ctop, telegraf, kubernetes, datadog-agent, runc, skopeo, nvidia-device-plugin, grype, kubescape, kaniko, nerdctl, newrelic-infrastructure-agent, skaffold, syft, buildkitd, k3s, trivy, ingress-nginx-controller, k3d, kots,...
7.5AI Score
0.051EPSS
GHSA-VVPX-J8F3-3W6H vulnerabilities
Vulnerabilities for packages: falco, k3d, restic, dynamic-localpv-provisioner, hey, gke-gcloud-auth-plugin, wireguard-go, grpcurl,...
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: spark-operator, gitlab-pages, kubernetes-csi-external-attacher, terraform-provider-aws, dgraph, vault-csi-provider, frp, kubescape, haproxy-ingress, gke-gcloud-auth-plugin, cilium-envoy, istio-envoy, prometheus-adapter, terraform-provider-azurerm,...
8.1AI Score
0.72EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: spark-operator, prometheus-nats-exporter, docker-compose, bank-vaults, containerd, gitlab-pages, jaeger-agent, ctop, kubernetes-csi-driver-hostpath, istio-pilot-agent, kor, kubernetes-csi-external-attacher, kwok, policy-controller, crossplane-provider-azure, runc,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: spark-operator, ctop, kube-rbac-proxy, kubernetes-csi-external-attacher, kor, dask-gateway, kwok, nri-kafka, crossplane-provider-azure, runc, dgraph, vault-csi-provider, docker-cli, kubeadm-controlplane-controller, kyverno-policy-reporter, etcd, k8sgpt-operator,...
6.5AI Score
0.0004EPSS
CVE-2022-41723 vulnerabilities
Vulnerabilities for packages: falco, k3d, restic, dynamic-localpv-provisioner, hey, gke-gcloud-auth-plugin, wireguard-go, grpcurl,...
8.2AI Score
0.02EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: docker-compose, gitlab-pages, containerd, jaeger-agent, istio-pilot-agent, kor, nri-kafka, crossplane-provider-azure, runc, kubeadm-controlplane-controller, mods, litestream, kubernetes-dashboard, terraform-provider-azurerm, k8ssandra-operator, conftest, go-md2man,...
7AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: spark-operator, prometheus-nats-exporter, docker-compose, bank-vaults, containerd, gitlab-pages, jaeger-agent, ctop, kubernetes-csi-driver-hostpath, kubernetes-csi-external-attacher, policy-controller, dask-gateway, crossplane-provider-azure, kafka_exporter, runc,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: spark-operator, prometheus-nats-exporter, docker-compose, bank-vaults, containerd, gitlab-pages, jaeger-agent, ctop, kubernetes-csi-driver-hostpath, kubernetes-csi-external-attacher, policy-controller, dask-gateway, crossplane-provider-azure, kafka_exporter, runc,...
7.5AI Score
Vulnerabilities for packages: spark-operator, bank-vaults, containerd, gitlab-pages, kubernetes-csi-external-attacher, crossplane-provider-azure, runc, dgraph, vault-csi-provider, frp, k8sgpt-operator, haproxy-ingress, gke-gcloud-auth-plugin, vault-k8s, kubernetes-dashboard, prometheus-adapter,...
6.5AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: spark-operator, prometheus-nats-exporter, docker-compose, bank-vaults, containerd, gitlab-pages, jaeger-agent, ctop, kubernetes-csi-driver-hostpath, istio-pilot-agent, kor, kubernetes-csi-external-attacher, kwok, policy-controller, crossplane-provider-azure, runc,...
6.7AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: spark-operator, ctop, kube-rbac-proxy, kubernetes-csi-external-attacher, kor, dask-gateway, kwok, nri-kafka, crossplane-provider-azure, runc, dgraph, vault-csi-provider, docker-cli, kubeadm-controlplane-controller, kyverno-policy-reporter, etcd, k8sgpt-operator,...
6.5AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: spark-operator, ctop, kube-rbac-proxy, kubernetes-csi-external-attacher, kor, dask-gateway, kwok, nri-kafka, crossplane-provider-azure, runc, dgraph, vault-csi-provider, docker-cli, kubeadm-controlplane-controller, kyverno-policy-reporter, etcd, k8sgpt-operator,...
7.5AI Score
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, local-path-provisioner, vertical-pod-autoscaler, flannel-cni-plugin, go-bindata, gops, aws-flb-kinesis, ctop, influx, mage, dgraph, cni-plugins, docker-cli, go-licenses, gobuster, helm-push, sonobuoy, gke-gcloud-auth-plugin, metrics-server,...
8.2AI Score
0.001EPSS
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: docker-compose, gitlab-pages, containerd, jaeger-agent, istio-pilot-agent, kor, nri-kafka, crossplane-provider-azure, runc, kubeadm-controlplane-controller, mods, litestream, kubernetes-dashboard, terraform-provider-azurerm, k8ssandra-operator, conftest, go-md2man,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: spark-operator, prometheus-nats-exporter, docker-compose, bank-vaults, containerd, gitlab-pages, jaeger-agent, ctop, kubernetes-csi-driver-hostpath, kubernetes-csi-external-attacher, policy-controller, dask-gateway, crossplane-provider-azure, kafka_exporter, runc,...
7.5AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: spark-operator, bank-vaults, containerd, gitlab-pages, istio-pilot-agent, kubernetes-csi-external-attacher, crossplane-provider-azure, runc, dgraph, vault-csi-provider, frp, k8sgpt-operator, kubescape, haproxy-ingress, gke-gcloud-auth-plugin, vault-k8s,...
8.2AI Score
0.002EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: spark-operator, ctop, kube-rbac-proxy, kubernetes-csi-external-attacher, kor, dask-gateway, kwok, nri-kafka, crossplane-provider-azure, runc, dgraph, vault-csi-provider, docker-cli, kubeadm-controlplane-controller, kyverno-policy-reporter, etcd, k8sgpt-operator,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: spark-operator, ctop, kube-rbac-proxy, kubernetes-csi-external-attacher, kor, dask-gateway, kwok, nri-kafka, crossplane-provider-azure, runc, dgraph, vault-csi-provider, docker-cli, kubeadm-controlplane-controller, kyverno-policy-reporter, etcd, k8sgpt-operator,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: spark-operator, ctop, kube-rbac-proxy, kubernetes-csi-external-attacher, kor, dask-gateway, kwok, nri-kafka, crossplane-provider-azure, runc, dgraph, vault-csi-provider, docker-cli, kubeadm-controlplane-controller, kyverno-policy-reporter, etcd, k8sgpt-operator,...
7.5AI Score
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, local-path-provisioner, vertical-pod-autoscaler, flannel-cni-plugin, go-bindata, gops, aws-flb-kinesis, ctop, influx, mage, dgraph, cni-plugins, docker-cli, go-licenses, gobuster, helm-push, sonobuoy, gke-gcloud-auth-plugin, metrics-server,...
7.5AI Score