CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package packer for versions less than 1.8.1-14
CVE-2023-44487 affecting package packer for versions less than 1.8.1-14. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-48795 affecting package nmap for versions less than 7.93-2
CVE-2023-48795 affecting package nmap for versions less than 7.93-2. A patched version of the package is...
5.9CVSS
6.2AI Score
0.963EPSS
CVE-2023-44487 affecting package kube-vip-cloud-provider for versions less than 0.0.2-12
CVE-2023-44487 affecting package kube-vip-cloud-provider for versions less than 0.0.2-12. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package keda for versions less than 2.4.0-14
CVE-2023-44487 affecting package keda for versions less than 2.4.0-14. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-39319 affecting package golang for versions less than 1.20.10-1
CVE-2023-39319 affecting package golang for versions less than 1.20.10-1. A patched version of the package is...
6.1CVSS
6.5AI Score
0.001EPSS
CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13
CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...
5.3CVSS
5.7AI Score
0.002EPSS
CVE-2023-44487 affecting package opa for versions less than 0.50.2-6
CVE-2023-44487 affecting package opa for versions less than 0.50.2-6. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package kubernetes for versions less than 1.28.3-1
CVE-2023-44487 affecting package kubernetes for versions less than 1.28.3-1. A patched version of the package is...
7.5CVSS
8.9AI Score
0.732EPSS
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
6.5CVSS
6.8AI Score
0.001EPSS
CVE-2023-39323 affecting package golang for versions less than 1.20.10-1
CVE-2023-39323 affecting package golang for versions less than 1.20.10-1. A patched version of the package is...
8.1CVSS
8.2AI Score
0.002EPSS
CVE-2023-29409 affecting package golang for versions less than 1.20.7-1
CVE-2023-29409 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
5.3CVSS
5.6AI Score
0.001EPSS
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2024-24788 affecting package golang for versions less than 1.22.3-1
CVE-2024-24788 affecting package golang for versions less than 1.22.3-1. A patched version of the package is...
7.3AI Score
0.0004EPSS
CVE-2024-30204 affecting package emacs for versions less than 29.3
CVE-2024-30204 affecting package emacs for versions less than 29.3. A patched version of the package is...
7.3AI Score
0.0005EPSS
CVE-2023-44487 affecting package node-problem-detector for versions less than 0.8.10-16
CVE-2023-44487 affecting package node-problem-detector for versions less than 0.8.10-16. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package multus for versions less than 3.8-12
CVE-2023-44487 affecting package multus for versions less than 3.8-12. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1. A patched version of the package is...
9.8CVSS
9.8AI Score
0.003EPSS
CVE-2023-29400 affecting package golang for versions less than 1.20.7-1
CVE-2023-29400 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.3CVSS
7.4AI Score
0.001EPSS
CVE-2023-44487 affecting package coredns for versions less than 1.11.1-1
CVE-2023-44487 affecting package coredns for versions less than 1.11.1-1. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-39325 affecting package coredns for versions less than 1.9.3-9
CVE-2023-39325 affecting package coredns for versions less than 1.9.3-9. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-39325 affecting package opa for versions less than 0.50.2-6
CVE-2023-39325 affecting package opa for versions less than 0.50.2-6. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-44487 affecting package local-path-provisioner for versions less than 0.0.21-12
CVE-2023-44487 affecting package local-path-provisioner for versions less than 0.0.21-12. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package kubevirt for versions less than 0.59.0-9
CVE-2023-44487 affecting package kubevirt for versions less than 0.59.0-9. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package jx for versions less than 3.2.236-13
CVE-2023-44487 affecting package jx for versions less than 3.2.236-13. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package influxdb for versions less than 2.6.1-11
CVE-2023-44487 affecting package influxdb for versions less than 2.6.1-11. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-24539 affecting package golang for versions less than 1.20.7-1
CVE-2023-24539 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.3CVSS
7.4AI Score
0.001EPSS
CVE-2022-41725 affecting package golang for versions less than 1.19.5-1
CVE-2022-41725 affecting package golang for versions less than 1.19.5-1. A patched version of the package is...
7.5CVSS
7.8AI Score
0.001EPSS
CVE-2023-29405 affecting package golang for versions less than 1.20.7-1
CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
9.8CVSS
9.7AI Score
0.005EPSS
CVE-2022-41724 affecting package golang for versions less than 1.19.6-1
CVE-2022-41724 affecting package golang for versions less than 1.19.6-1. A patched version of the package is...
7.5CVSS
7.8AI Score
0.001EPSS
CVE-2023-39325 affecting package golang for versions less than 1.20.7-2
CVE-2023-39325 affecting package golang for versions less than 1.20.7-2. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-24534 affecting package golang for versions less than 1.20.7-1
CVE-2023-24534 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-39533 affecting package golang for versions less than 1.19.12-1
CVE-2023-39533 affecting package golang for versions less than 1.19.12-1. A patched version of the package is...
7.5CVSS
7.6AI Score
0.001EPSS
CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2
CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2. A patched version of the package is...
9.8CVSS
9.9AI Score
0.001EPSS
CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2024-38368 Trunk's 'Claim your pod' could be used to obtain un-used pods
trunk.cocoapods.org is the authentication server for the CocoaPods dependency manager. A vulnerability affected older pods which migrated from the pre-2014 pull request workflow to trunk. If the pods had never been claimed then it was still possible to do so. It was also possible to have all...
9.9CVSS
EPSS
Weblate vulnerable to improper sanitization of project backups
Impact: Weblate didn't correctly validate filenames when restoring a project backup. It may be possible to gain unauthorized access to files on the server using a crafted ZIP file. Patches: This issue has been addressed in Weblate 5.6.2 via...
4.4CVSS
7AI Score
EPSS
mariva.net Cross Site Scripting vulnerability OBB-3939904
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dev.shoalsummitsolutions.com Cross Site Scripting vulnerability OBB-3939903
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Updated gdb packages fix security vulnerabilities
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. (CVE-2022-4285) A potential heap-based buffer overflow was found...
6.5CVSS
8.1AI Score
0.001EPSS
trunk.cocoapods.org is the authentication server for the CocoaPods dependency manager. Prior to commit d4fa66f49cedab449af9a56a21ab40697b9f7b97, the trunk sessions verification step could be manipulated for owner session hijacking. Compromising a victim’s session will result in a full takeover of...
8CVSS
EPSS
CVE-2024-6387 Bulk Scanning Tool for OpenSSH CVE-2024-6387,...
8.1CVSS
8.5AI Score
EPSS
CVE-2024-38366 CocoaPods trunk RCE in email verification system rfc-822
trunk.cocoapods.org is the authentication server for the CocoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used an rfc-822 library which executes a shell command to validate the email domain's MX records. It works via a DNS MX...
9CVSS
EPSS
Potential memory exhaustion attack due to sparse slice deserialization
Details: Running schema.Decoder.Decode() on a struct that has a field of type []struct{...} opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. For instance, in the Proof of Concept written below, someone can specify to set a field of...
7.5CVSS
6.6AI Score
EPSS
Session Middleware Token Injection Vulnerability
A security vulnerability has been identified in the Fiber session middleware where a user can supply their own session_id value, leading to the creation of a session with that key. Impact: The identified vulnerability is a session middleware issue in GoFiber versions 2 and above. This vulnerability...
10CVSS
6.7AI Score
EPSS
Remote Code Execution (RCE) vulnerability in geoserver
Summary: Multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. Details: The GeoTools library API that GeoServer calls...
9.8CVSS
8AI Score
EPSS
8.1CVSS
8.4AI Score
EPSS
New openssh packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openssh-9.8p1-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: Fix race condition resulting in potential...
8.1CVSS
8AI Score
EPSS