Big-ip (ltm, Aam, Afm, Analytics, Apm, Asm, Dns, Edge Gateway, Fps, Gtm, Link Controller, Pem, Webaccelerator), Big-iq Centralized Management, Big-iq Cloud And Orchestration, Iworkflow, Enterprise Manager Security Vulnerabilities

CVE-2024-29025 vulnerabilities

Vulnerabilities for packages: cloudwatch-exporter, spark, selenium, management-api-for-apache-cassandra, wavefront-proxy, neo4j, keycloak,...

CVE-2024-29903 vulnerabilities

Vulnerabilities for packages: zarf, flux-source-controller, policy-controller, skaffold, neuvector-sigstore-interface, zot, vexctl, gitsign, aactl, tekton-chains, kubescape, melange, wolfictl, slsa-verifier, falcoctl, ko, spire-server, goreleaser, tkn, falco,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, kubernetes-dashboard-metrics-scraper, grpcurl, wait-for-port, prometheus-stackdriver-exporter, ip-masq-agent, gitlab-logger, aws-flb-kinesis, petname, sonobuoy, nsc, mage, go-bindata, cortex, gke-gcloud-auth-plugin, helm-push, k3d, aactl,.....

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, kubernetes-dashboard-metrics-scraper, grpcurl, wait-for-port, prometheus-stackdriver-exporter, ip-masq-agent, gitlab-logger, aws-flb-kinesis, petname, sonobuoy, nsc, mage, go-bindata, cortex, gke-gcloud-auth-plugin, helm-push, k3d, aactl,.....

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, kubernetes-dashboard-metrics-scraper, grpcurl, wait-for-port, prometheus-stackdriver-exporter, ip-masq-agent, gitlab-logger, aws-flb-kinesis, petname, sonobuoy, nsc, mage, go-bindata, cortex, gke-gcloud-auth-plugin, helm-push, k3d, aactl,.....

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...

CVE-2024-28180 vulnerabilities

Vulnerabilities for packages: cilium, istio-cni, istio-pilot-discovery, zarf, istio-pilot-agent, grpc-health-probe, istio-operator, frp, flux-source-controller, rabbitmq-messaging-topology-operator, cloudflared, policy-controller, skaffold, timestamp-authority, fulcio, argo-cd, vexctl, kargo,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kyverno, node-problem-detector, prometheus-pushgateway, flux-image-reflector-controller,....

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, prometheus-alertmanager, flux-source-controller, grype, cloud-sql-proxy, kubeflow-katib, mongo-tools, zot, kubernetes, k3s, cortex, helm-push, kubescape, gitlab-shell, loki, kyverno, node-problem-detector, flux-image-reflector-controller,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: prometheus-alertmanager, flux-source-controller, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, zot, k3s, go, tctl, gke-gcloud-auth-plugin, kubernetes-csi-external-provisioner, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, prometheus-pushgateway,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: pulumi-language-dotnet, kubernetes-csi-livenessprobe, influxd, flux-source-controller, grype, telegraf, prometheus-stackdriver-exporter, secrets-store-csi-driver, flux-helm-controller, kubeflow-katib, argo-cd, pulumi-kubernetes-operator, conftest, cortex, tctl, k3d,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: flux-source-controller, grype, kubeflow-katib, ip-masq-agent, nghttp2, cortex, tctl, gke-gcloud-auth-plugin, mc, kubescape, gitlab-shell, kyverno, node-problem-detector, weaviate, kaf, metacontroller, prometheus-blackbox-exporter, helm, cluster-autoscaler,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

GHSA-V53G-5GJP-272R vulnerabilities

Vulnerabilities for packages: helm-operator, k9s, k8sgpt, zarf, helm-push, istio-operator, flux-source-controller, cilium-cli, cert-manager, chartmuseum, kubescape, flux-helm-controller, kots, trivy, eksctl, zot,...

GHSA-5JPM-X58V-624V vulnerabilities

Vulnerabilities for packages: cloudwatch-exporter, spark, selenium, management-api-for-apache-cassandra, wavefront-proxy, neo4j, keycloak,...

GHSA-7GPW-8WMC-PM8G vulnerabilities

Vulnerabilities for packages: py3-cassandra-medusa,...

CVE-2023-29402 vulnerabilities

Vulnerabilities for packages: policy-controller, kind,...

CVE-2023-29404 vulnerabilities

Vulnerabilities for packages: policy-controller, kind,...

GHSA-68G3-2P3G-W9PQ vulnerabilities

Vulnerabilities for packages: policy-controller, kind,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: temporal-ui-server, supercronic, logstash-exporter, prometheus-alertmanager, direnv, doppler-kubernetes-operator, kuberay-operator, grype, k8sgpt-operator, cloud-sql-proxy, kubeflow-katib, mongo-tools, ip-masq-agent, golangci-lint, kubernetes, k3s, go-bindata,...

GHSA-V845-JXX5-VC9F vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, k8s-sidecar, kubeflow-volumes-web-app, kube-downscaler, dask-gateway,...

CVE-2023-43804 vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, k8s-sidecar, kubeflow-volumes-web-app, kube-downscaler, dask-gateway,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: logstash-exporter, gostatsd, grafana-rollout-operator, prometheus-alertmanager, direnv, flux-source-controller, policy-controller, tfsec, mongo-tools, ipfs, ip-masq-agent, harbor-registry, zot, golangci-lint, kubernetes, stern, glab, go-bindata, cortex, delve, go,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: logstash-exporter, direnv, dagdotdev, cloud-sql-proxy, mongo-tools, ip-masq-agent, stern, swagger, hivemind, kubescape, pluto, cni-plugins, clusterctl, nri-discovery-kubernetes, sbom-scorecard, node-problem-detector, syft, prometheus-statsd-exporter, trivy,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: filebeat, dagger, istio-pilot-discovery, zarf, istio-pilot-agent, policy-controller, telegraf, skaffold, flux-helm-controller, kubeflow-katib, zot, k3s, helm-operator, vexctl, traefik, kargo, tekton-pipelines, timoni, gitsign, aactl, tekton-chains, kubescape,...

GHSA-W235-7P84-XX57 vulnerabilities

Vulnerabilities for packages: airflow, py3-tornado,...

GHSA-34JH-P97F-MPXF vulnerabilities

Vulnerabilities for packages: mlflow, kubeflow-jupyter-web-app, k8s-sidecar, kubeflow-pipelines, ggshield, reflex, confluent-docker-utils, py3-cassandra-medusa, kubeflow-volumes-web-app, az, dask-gateway, kubeflow-katib, superset, airflow,...

CVE-2023-49568 vulnerabilities

Vulnerabilities for packages: pulumi-language-dotnet, src-fingerprint, argo-cd, zot, nuclei, pulumi-kubernetes-operator, tekton-pipelines, gitsign, gomplate, kots, pulumi, scorecard, go-licenses, bom, goreleaser, pulumi-language-yaml, pulumi-language-java, kubevela, gitness,...

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver, nodetaint, kubernetes-csi-driver-hostpath, local-static-provisioner, node-feature-discovery, spark-operator, calico, kubernetes-dns-node-cache, ip-masq-agent, cluster-autoscaler,...

GHSA-XR7R-F8XQ-VFVV vulnerabilities

Vulnerabilities for packages: runc, docker, zarf, kaniko, grype, telegraf, skaffold, zot, kubernetes, k3s, k3d, kubescape, newrelic-infrastructure-agent, kots, datadog-agent, ctop, k9s, buildkitd, cadvisor, ingress-nginx-controller, syft, wolfictl, trivy, nvidia-device-plugin, nerdctl,...

CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation.....

CVE-2024-6375

A command for refining a collection shard key is missing an authorization check. This may cause the command to run directly on a shard, leading to either degradation of query performance, or to revealing chunk boundaries through timing side channels. This affects MongoDB Server v5.0 versions,...

CVE-2024-6375

A command for refining a collection shard key is missing an authorization check. This may cause the command to run directly on a shard, leading to either degradation of query performance, or to revealing chunk boundaries through timing side channels. This affects MongoDB Server v5.0 versions,...

CVE-2024-34696

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

CVE-2024-23372

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected...

CVE-2024-23373

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting...

CVE-2024-23373

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting...

CVE-2024-34696

GeoServer is an open source server that allows users to share and edit geospatial data. Starting in version 2.10.0 and prior to versions 2.24.4 and 2.25.1, GeoServer's Server Status page and REST API lists all environment variables and Java properties to any GeoServer user with administrative...

CVE-2024-23372

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected...

CVE-2024-21469

Memory corruption when an invoke call and a TEE call are bound for the same trusted...

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM...

CVE-2024-21469

Memory corruption when an invoke call and a TEE call are bound for the same trusted...

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM...

CVE-2024-21460

Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address...

CVE-2024-21460

Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address...

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon...

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM MQ shipped with IBM WebSphere Remote Server

Summary IBM MQ is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM MQ have been published in a security bulletin CVE-2024-25026, CVE-2024-22354, CVE-2024-27268, CVE-2024-22353, CVE-2023-51775, CVE-2024-22329, CVE-2024-31919, CVE-2024-21085,...

Busted for book club? Why cops want to see what you’re reading, with Sarah Lamdan (Lock and Code S05E14)

This week on the Lock and Code podcast… More than 20 years ago, a law that the United States would eventually use to justify the warrantless collection of Americans' phone call records actually started out as a warning sign against an entirely different target: Libraries. Not two months after...

CVE-2024-6375 Missing authorization check may lead to shard key refinement

A command for refining a collection shard key is missing an authorization check. This may cause the command to run directly on a shard, leading to either degradation of query performance, or to revealing chunk boundaries through timing side channels. This affects MongoDB Server v5.0 versions,...