Cisco NX-OS Software CLI Command Injection Vulnerability
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific...
7.4AI Score
EPSS
Summary IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to cross-site scripting in the administrative console. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected...
4.8CVSS
4.9AI Score
0.0004EPSS
thecheesecakefactory.com.mx Cross Site Scripting vulnerability OBB-3939864
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
lilyfruit.com.tw Cross Site Scripting vulnerability OBB-3939860
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
yayaswichita.com Cross Site Scripting vulnerability OBB-3939862
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ledisquestore.com Cross Site Scripting vulnerability OBB-3939857
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
redgatehennessy.com Cross Site Scripting vulnerability OBB-3939858
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
easyshiksha.com Cross Site Scripting vulnerability OBB-3939856
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
east1-phpmyadmin.dreamhost.com Cross Site Scripting vulnerability OBB-3939855
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
tv411.senterre.com Cross Site Scripting vulnerability OBB-3939854
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
2a.com.tr Cross Site Scripting vulnerability OBB-3939851
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
psykosteve.com Cross Site Scripting vulnerability OBB-3939853
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Summary IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory...
5.9CVSS
6.5AI Score
0.0004EPSS
06153.com.ua Cross Site Scripting vulnerability OBB-3939850
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
premiomassimourbani.com Cross Site Scripting vulnerability OBB-3939849
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
b-cdn.foxpornos.com Cross Site Scripting vulnerability OBB-3939847
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Summary IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory...
5.9CVSS
6.5AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
7CVSS
7.7AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
4.7CVSS
6.1AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
7.5CVSS
7.7AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
4.3CVSS
5.1AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
5.9CVSS
6.6AI Score
0.0004EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
7.5AI Score
0.0004EPSS
Summary IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID:...
4.3CVSS
5.1AI Score
0.0004EPSS
Vulnerabilities for packages: zarf, consul, flux, influxd, flux-source-controller, policy-controller, ksops, timestamp-authority, flux-helm-controller, opentofu, fulcio, argo-cd, neuvector-sigstore-interface, zot, nuclei, pulumi-kubernetes-operator, k3s, vexctl, glab, snyk-cli, kargo,...
6CVSS
6AI Score
0.0004EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: flux-source-controller, grype, kubeflow-katib, ip-masq-agent, nghttp2, cortex, tctl, gke-gcloud-auth-plugin, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, weaviate, kaf, metacontroller, prometheus-blackbox-exporter, helm, cluster-autoscaler,...
7.5CVSS
9AI Score
0.732EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: istio-pilot-discovery, flux-source-controller, cloudflared, argo-cd, fulcio, vexctl, traefik, tekton-pipelines, terragrunt, gitsign, aactl, keda, kubescape, sops, kots, tekton-chains, external-secrets-operator, cosign, kyverno, vault, slsa-verifier, cilium-envoy,...
7.5AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, supercronic, docker, logstash-exporter, prometheus-alertmanager, doppler-kubernetes-operator, flux-source-controller, kuberay-operator, grype, policy-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, ip-masq-agent, zot, golangci-lint,...
7.5AI Score
GHSA-X84C-P2G9-RQV9 vulnerabilities
Vulnerabilities for packages: harbor-scanner-trivy, docker, dagger, buf, tekton-pipelines, docker-compose, helm-push, kaniko, neuvector-scanner, cri-tools, k3d, syft, grype, policy-controller, prometheus, wolfictl,...
7.5AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: runc, docker, zarf, kaniko, grype, telegraf, skaffold, zot, kubernetes, k3s, k3d, kubescape, newrelic-infrastructure-agent, kots, datadog-agent, ctop, k9s, buildkitd, cadvisor, ingress-nginx-controller, syft, wolfictl, trivy, nvidia-device-plugin, nerdctl,...
8.6CVSS
9.2AI Score
0.051EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: kaniko, flux-source-controller, grype, telegraf, skaffold, flux-helm-controller, zot, tekton-pipelines, helm-push, k3d, kubescape, melange, kots, newrelic-infrastructure-agent, ctop, up, cert-manager, trivy, eksctl, helm, neuvector-agent, fuse-overlayfs-snapshotter,...
7.5AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: helm-operator, k9s, k8sgpt, zarf, helm-push, istio-operator, flux-source-controller, cilium-cli, cert-manager, chartmuseum, kubescape, flux-helm-controller, kots, trivy, eksctl, zot,...
6.4CVSS
6.7AI Score
0.0004EPSS
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: helm-operator, k9s, k8sgpt, zarf, helm-push, istio-operator, flux-source-controller, cilium-cli, cert-manager, chartmuseum, kubescape, flux-helm-controller, kots, trivy, eksctl, zot,...
7.5AI Score
5.3CVSS
5.5AI Score
0.0004EPSS
7.5AI Score
Vulnerabilities for packages: aws-ebs-csi-driver, nodetaint, kubernetes-csi-driver-hostpath, local-static-provisioner, node-feature-discovery, spark-operator, calico, kubernetes-dns-node-cache, ip-masq-agent, cluster-autoscaler,...
2.7CVSS
4.3AI Score
0.0004EPSS
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...
7.8AI Score
0.0004EPSS
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: zarf, flux-source-controller, policy-controller, skaffold, neuvector-sigstore-interface, zot, vexctl, gitsign, aactl, tekton-chains, kubescape, melange, wolfictl, slsa-verifier, falcoctl, ko, spire-server, goreleaser, tkn, falco,...
7.5AI Score
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: skaffold, k3s, tekton-pipelines, k3d, aactl, chartmuseum, kubescape, kpt, tekton-chains, ctop, loki, up, scorecard, slsa-verifier, cert-manager, bom, goreleaser, falco, paranoia,...
7.5AI Score
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: argo-cd, flux-notification-controller, melange, argo-workflows,...
7.5CVSS
7.7AI Score
0.0005EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, prometheus-alertmanager, flux-source-controller, grype, cloud-sql-proxy, kubeflow-katib, mongo-tools, zot, kubernetes, k3s, cortex, helm-push, kubescape, gitlab-shell, loki, kyverno, node-problem-detector, flux-image-reflector-controller,...
5.9CVSS
7.1AI Score
0.963EPSS
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: filebeat, dagger, istio-pilot-discovery, zarf, istio-pilot-agent, policy-controller, telegraf, skaffold, flux-helm-controller, kubeflow-katib, zot, k3s, helm-operator, vexctl, traefik, kargo, tekton-pipelines, timoni, gitsign, aactl, tekton-chains, kubescape,...
7.8CVSS
7.5AI Score
0.001EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, zot, stern, swagger, kubescape, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, prometheus-statsd-exporter, trivy, bincapz,...
6.8AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: logstash-exporter, gostatsd, grafana-rollout-operator, prometheus-alertmanager, direnv, flux-source-controller, policy-controller, tfsec, mongo-tools, ipfs, ip-masq-agent, harbor-registry, zot, golangci-lint, kubernetes, stern, glab, go-bindata, cortex, delve, go,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: logstash-exporter, gostatsd, grafana-rollout-operator, prometheus-alertmanager, direnv, flux-source-controller, policy-controller, tfsec, mongo-tools, ipfs, ip-masq-agent, harbor-registry, zot, golangci-lint, kubernetes, stern, glab, go-bindata, cortex, delve, go,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...
5.5CVSS
6.1AI Score
0.0004EPSS
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: zarf, consul, flux, influxd, flux-source-controller, policy-controller, ksops, timestamp-authority, flux-helm-controller, opentofu, fulcio, argo-cd, neuvector-sigstore-interface, zot, nuclei, pulumi-kubernetes-operator, k3s, vexctl, glab, snyk-cli, kargo,...
7.5AI Score
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, kubernetes-dashboard-metrics-scraper, grpcurl, wait-for-port, prometheus-stackdriver-exporter, ip-masq-agent, gitlab-logger, aws-flb-kinesis, petname, sonobuoy, nsc, mage, go-bindata, cortex, gke-gcloud-auth-plugin, helm-push, k3d, aactl,.....
7.5CVSS
8AI Score
0.001EPSS
Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kyverno, node-problem-detector, prometheus-pushgateway, flux-image-reflector-controller,....
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: temporal-ui-server, supercronic, docker, logstash-exporter, prometheus-alertmanager, doppler-kubernetes-operator, flux-source-controller, kuberay-operator, grype, policy-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, ip-masq-agent, zot, golangci-lint,...
6.6AI Score
0.0004EPSS