Desigo Px Automation Controllers Pxc22.1-e.d, Pxc36-e.d, Pxc36.1-e.d With Activated Web Server Security Vulnerabilities

CVE-2024-39848

Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web...

CVE-2024-39848

Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web...

GHSA-88H4-JW57-85V9 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21062 vulnerabilities

Vulnerabilities for packages:...

GHSA-5XQ9-RCPJ-P52V vulnerabilities

Vulnerabilities for packages:...

GHSA-R27R-5FWH-VXQW vulnerabilities

Vulnerabilities for packages:...

GHSA-VQ7J-GX56-RXJH vulnerabilities

Vulnerabilities for packages: kind, falco,...

GHSA-X7M3-JPRG-WC5G vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app,...

CVE-2023-41419 vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app,...

GHSA-84PR-M4JR-85G5 vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app, kubeflow-jupyter-web-app,...

CVE-2024-34069 vulnerabilities

Vulnerabilities for packages: py3.10-tensorflow-core, kubeflow-jupyter-web-app, superset, py3-werkzeug,...

GHSA-2G68-C3QC-8985 vulnerabilities

Vulnerabilities for packages: py3.10-tensorflow-core, kubeflow-jupyter-web-app, superset, py3-werkzeug,...

CVE-2024-28219 vulnerabilities

Vulnerabilities for packages: pytorch, kubeflow-pipelines-visualization-server,...

GHSA-M87M-MMVP-V9QM vulnerabilities

Vulnerabilities for packages:...

CVE-2024-20994 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21885 vulnerabilities

Vulnerabilities for packages:...

GHSA-49WX-9H9F-8C9G vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21886 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31080 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: goreleaser, kubescape, zarf, falco, tkn, zot, apko, aactl, policy-controller, gitsign, vexctl, wolfictl, neuvector-sigstore-interface, melange, falcoctl, ko, spire-server, tekton-chains, skaffold, slsa-verifier,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, goreleaser, dgraph, dotnet, node-problem-detector, terraform, terraform-provider-azurerm, bom, prometheus-bind-exporter, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...

CVE-2024-6104 vulnerabilities

Vulnerabilities for packages: cert-manager, opentelemetry-collector-contrib, goreleaser, keda, kubescape, zarf, gitlab-shell, terragrunt, terraform, fulcio, terraform-provider-azurerm, k3d, tkn, zot, loki, nuclei, opentofu, gitlab-runner, aactl, policy-controller, pulumi, argo-cd,...

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: goreleaser, grype, kubescape, cadvisor, crossplane, buf, tkn, zot, telegraf, datadog-agent, loki, aactl, prometheus, kargo, docker-compose, wolfictl, melange, buildkitd, ko, ctop, spire-server, trivy, conftest, syft, kaniko, up,...

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: cert-manager, keda, kubescape, falco, terragrunt, fulcio, kots, tkn, aactl, argo-cd, traefik, dex, argo-workflows, gitsign, oauth2-proxy, kyverno, vexctl, tekton-pipelines, istio-pilot-discovery, cosign, spire-server, external-secrets-operator, vault, tekton-chains,...

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: goreleaser, grype, kubescape, cadvisor, crossplane, buf, tkn, zot, telegraf, datadog-agent, loki, aactl, prometheus, kargo, docker-compose, wolfictl, melange, buildkitd, ko, ctop, spire-server, trivy, conftest, syft, kaniko, up,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terragrunt, terraform, terraform-provider-azurerm, clusterctl, crossplane, k8sgpt-operator, newrelic-infra-operator, prometheus-bind-exporter, zot,...

CVE-2024-21506 vulnerabilities

Vulnerabilities for packages: py3-pymongo, kubeflow-pipelines-visualization-server,...

CVE-2024-21047 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-27304 vulnerabilities

Vulnerabilities for packages: kube-bench, vault, caddy, src, spicedb, amass, telegraf, keda, kine, k3s, temporal-server, ferretdb, argo-workflows, kots, trillian,...

GHSA-MRWW-27VC-GGHV vulnerabilities

Vulnerabilities for packages: kube-bench, vault, caddy, src, spicedb, amass, telegraf, keda, kine, k3s, temporal-server, ferretdb, argo-workflows, kots, trillian,...

GHSA-PCJV-393Q-RQF2 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31081 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31082 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-39320 vulnerabilities

Vulnerabilities for packages:...

GHSA-RXV8-V965-V333 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21013 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21060 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-21096 vulnerabilities

Vulnerabilities for packages:...

GHSA-8CPF-FXR6-4WPQ vulnerabilities

Vulnerabilities for packages:...

GHSA-GJ63-QCJC-2FCW vulnerabilities

Vulnerabilities for packages:...

GHSA-WH99-P93P-G825 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-35178 vulnerabilities

Vulnerabilities for packages:...

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: py3-idna, dask-gateway, k8s-sidecar, datadog-agent, py3.10-tensorflow-core, jwt-tool, confluent-docker-utils, az, kubeflow-jupyter-web-app, kubeflow-pipelines, ggshield, kubeflow-pipelines-visualization-server, kubeflow-volumes-web-app, kubeflow-katib,...

GHSA-679V-HH23-H5JH vulnerabilities

Vulnerabilities for packages: kind, falco,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, docker-cli, q, zot, opentofu, memcached-exporter, haproxy-ingress, ingress-nginx-controller, argo-cd, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, kube-state-metrics, cert-manager-webhook-pdns, gitleaks, mage, wave, dgraph, clusterctl, tempo, crossplane, bom, newrelic-prometheus-configurator, mockery, newrelic-infra-operator, q, go, prometheus-bind-exporter, zot,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, kube-state-metrics, cert-manager-webhook-pdns, gitleaks, mage, wave, dgraph, clusterctl, tempo, crossplane, bom, newrelic-prometheus-configurator, mockery, newrelic-infra-operator, q, go, prometheus-bind-exporter, zot,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...

GHSA-V6V8-XJ6M-XWQH vulnerabilities

Vulnerabilities for packages: cert-manager, opentelemetry-collector-contrib, goreleaser, keda, kubescape, zarf, gitlab-shell, terragrunt, terraform, fulcio, terraform-provider-azurerm, k3d, tkn, zot, loki, nuclei, opentofu, gitlab-runner, aactl, policy-controller, pulumi, argo-cd,...