Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator) Security Vulnerabilities
PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS
PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
EPSS
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
EPSS
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
6.5CVSS
EPSS
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
6.5CVSS
6.5AI Score
EPSS
trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX.....
9CVSS
EPSS
trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX.....
9CVSS
9.4AI Score
EPSS
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
6.5CVSS
EPSS
CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-20
CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-20. This CVE either no longer is or was never...
5.5CVSS
6.3AI Score
0.001EPSS
CVE-2022-3064 affecting package application-gateway-kubernetes-ingress 1.4.0-20
CVE-2022-3064 affecting package application-gateway-kubernetes-ingress 1.4.0-20. This CVE either no longer is or was never...
7.5CVSS
7.9AI Score
0.005EPSS
CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2024-38366 CoacoaPods trunk RCE in email verification system rfc-822
trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX.....
9CVSS
EPSS
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics...
6.3CVSS
6.3AI Score
EPSS
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics...
6.3CVSS
EPSS
CVE-2024-36986 Risky command safeguards bypass through Search ID query in Analytics Workspace
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics...
6.3CVSS
EPSS
Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks
A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to claim ownership...
8AI Score
EPSS
WordPress Security Research Series: WordPress Request Architecture and Hooks
Welcome to Part 1 of the WordPress Security Research Beginner Series! If you haven’t had a chance, please review the series introduction blog post for more details on the goal of this series and what to expect. Before diving into the security features of WordPress, it's critical to understand the.....
7.1AI Score
Cisco NX-OS Software CLI Command Injection Vulnerability
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific...
7.4AI Score
EPSS
Vulnerabilities for packages: zarf, consul, flux, influxd, flux-source-controller, policy-controller, ksops, timestamp-authority, flux-helm-controller, opentofu, fulcio, argo-cd, neuvector-sigstore-interface, zot, nuclei, pulumi-kubernetes-operator, k3s, vexctl, glab, snyk-cli, kargo,...
6CVSS
6AI Score
0.0004EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: flux-source-controller, grype, kubeflow-katib, ip-masq-agent, nghttp2, cortex, tctl, gke-gcloud-auth-plugin, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, weaviate, kaf, metacontroller, prometheus-blackbox-exporter, helm, cluster-autoscaler,...
7.5CVSS
9AI Score
0.732EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: istio-pilot-discovery, flux-source-controller, cloudflared, argo-cd, fulcio, vexctl, traefik, tekton-pipelines, terragrunt, gitsign, aactl, keda, kubescape, sops, kots, tekton-chains, external-secrets-operator, cosign, kyverno, vault, slsa-verifier, cilium-envoy,...
7.5AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, supercronic, docker, logstash-exporter, prometheus-alertmanager, doppler-kubernetes-operator, flux-source-controller, kuberay-operator, grype, policy-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, ip-masq-agent, zot, golangci-lint,...
7.5AI Score
GHSA-X84C-P2G9-RQV9 vulnerabilities
Vulnerabilities for packages: harbor-scanner-trivy, docker, dagger, buf, tekton-pipelines, docker-compose, helm-push, kaniko, neuvector-scanner, cri-tools, k3d, syft, grype, policy-controller, prometheus, wolfictl,...
7.5AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: runc, docker, zarf, kaniko, grype, telegraf, skaffold, zot, kubernetes, k3s, k3d, kubescape, newrelic-infrastructure-agent, kots, datadog-agent, ctop, k9s, buildkitd, cadvisor, ingress-nginx-controller, syft, wolfictl, trivy, nvidia-device-plugin, nerdctl,...
8.6CVSS
9.2AI Score
0.051EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: kaniko, flux-source-controller, grype, telegraf, skaffold, flux-helm-controller, zot, tekton-pipelines, helm-push, k3d, kubescape, melange, kots, newrelic-infrastructure-agent, ctop, up, cert-manager, trivy, eksctl, helm, neuvector-agent, fuse-overlayfs-snapshotter,...
7.5AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: helm-operator, k9s, k8sgpt, zarf, helm-push, istio-operator, flux-source-controller, cilium-cli, cert-manager, chartmuseum, kubescape, flux-helm-controller, kots, trivy, eksctl, zot,...
6.4CVSS
6.7AI Score
0.0004EPSS
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: helm-operator, k9s, k8sgpt, zarf, helm-push, istio-operator, flux-source-controller, cilium-cli, cert-manager, chartmuseum, kubescape, flux-helm-controller, kots, trivy, eksctl, zot,...
7.5AI Score
5.3CVSS
5.5AI Score
0.0004EPSS
7.5AI Score
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: zarf, flux-source-controller, policy-controller, skaffold, neuvector-sigstore-interface, zot, vexctl, gitsign, aactl, tekton-chains, kubescape, melange, wolfictl, slsa-verifier, falcoctl, ko, spire-server, goreleaser, tkn, falco,...
7.5AI Score
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: argo-cd, flux-notification-controller, melange, argo-workflows,...
7.5CVSS
7.7AI Score
0.0005EPSS
Vulnerabilities for packages: aws-ebs-csi-driver, nodetaint, kubernetes-csi-driver-hostpath, local-static-provisioner, node-feature-discovery, spark-operator, calico, kubernetes-dns-node-cache, ip-masq-agent, cluster-autoscaler,...
2.7CVSS
4.3AI Score
0.0004EPSS
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...
7.8AI Score
0.0004EPSS
GHSA-H75V-3VVJ-5MFJ vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-jinja2, reflex, confluent-docker-utils, kubeflow-volumes-web-app, dask-gateway, pytorch,...
7.5AI Score
GHSA-2HMF-46V7-V6FX vulnerabilities
Vulnerabilities for packages: dagger, guac, external-dns, melange,...
7.5AI Score
7.5CVSS
7.8AI Score
0.0004EPSS
7.5AI Score
7.8CVSS
9.2AI Score
0.001EPSS
7.5AI Score
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, zot, stern, swagger, kubescape, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, prometheus-statsd-exporter, trivy, bincapz,...
6.8AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: logstash-exporter, gostatsd, grafana-rollout-operator, prometheus-alertmanager, direnv, flux-source-controller, policy-controller, tfsec, mongo-tools, ipfs, ip-masq-agent, harbor-registry, zot, golangci-lint, kubernetes, stern, glab, go-bindata, cortex, delve, go,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: logstash-exporter, gostatsd, grafana-rollout-operator, prometheus-alertmanager, direnv, flux-source-controller, policy-controller, tfsec, mongo-tools, ipfs, ip-masq-agent, harbor-registry, zot, golangci-lint, kubernetes, stern, glab, go-bindata, cortex, delve, go,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...
5.5CVSS
6.1AI Score
0.0004EPSS
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: zarf, consul, flux, influxd, flux-source-controller, policy-controller, ksops, timestamp-authority, flux-helm-controller, opentofu, fulcio, argo-cd, neuvector-sigstore-interface, zot, nuclei, pulumi-kubernetes-operator, k3s, vexctl, glab, snyk-cli, kargo,...
7.5AI Score
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, kubernetes-dashboard-metrics-scraper, grpcurl, wait-for-port, prometheus-stackdriver-exporter, ip-masq-agent, gitlab-logger, aws-flb-kinesis, petname, sonobuoy, nsc, mage, go-bindata, cortex, gke-gcloud-auth-plugin, helm-push, k3d, aactl,.....
7.5CVSS
8AI Score
0.001EPSS
Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kyverno, node-problem-detector, prometheus-pushgateway, flux-image-reflector-controller,....
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, supercronic, docker, logstash-exporter, prometheus-alertmanager, doppler-kubernetes-operator, flux-source-controller, kuberay-operator, grype, policy-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, ip-masq-agent, zot, golangci-lint,...
6.6AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...
7.5AI Score
7.5AI Score