IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
5.2AI Score
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
5.2AI Score
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
6.4CVSS
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
6.4CVSS
5.8AI Score
EPSS
CVE-2023-50964 IBM InfoSphere Information Server cross-site scripting
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
EPSS
CVE-2024-28794 IBM InfoSphere Information Server cross-site scripting
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
EPSS
CVE-2024-28797 IBM InfoSphere Information Server cross-site scripting
IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
6.4CVSS
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
7.2CVSS
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
7.2CVSS
6.2AI Score
EPSS
A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a.....
5.3CVSS
EPSS
A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a.....
5.3CVSS
5.9AI Score
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
6AI Score
EPSS
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
EPSS
CVE-2024-28798 IBM InfoSphere Information Server cross-site scripting
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
7.2CVSS
EPSS
CVE-2024-28795 IBM InfoSphere Information Server cross-site scripting
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
EPSS
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: eksctl, helm-operator, cert-manager, k8sgpt, chartmuseum, k9s, istio-operator, kubescape, helm-push, zot, cilium-cli, trivy, kots, flux-helm-controller, flux-source-controller, zarf,...
7.5AI Score
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: kubescape, zot, tekton-pipelines, fuse-overlayfs-snapshotter, telegraf, ctop, flux-helm-controller, helm, k3d, up, gitness, trivy, neuvector-agent, grype, skaffold, kubevela, eksctl, cert-manager, newrelic-infrastructure-agent, helm-push, cilium-cli, kots,...
7.5AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: eksctl, helm-operator, cert-manager, k8sgpt, chartmuseum, k9s, istio-operator, kubescape, helm-push, zot, cilium-cli, trivy, kots, flux-helm-controller, flux-source-controller, zarf,...
6.4CVSS
6.7AI Score
0.0004EPSS
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, dex, aws-ebs-csi-driver, kustomize, nri-apache, loki, vexctl, gatekeeper, speedtest-go, cortex, slsa-verifier, yam, cri-tools, nri-discovery-kubernetes, argo-cd, nri-memcached,...
7.8AI Score
0.0004EPSS
9.8CVSS
9.7AI Score
0.002EPSS
7.5AI Score
GHSA-84PR-M4JR-85G5 vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-flask-cors,...
7.5AI Score
GHSA-2G68-C3QC-8985 vulnerabilities
Vulnerabilities for packages: superset, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-werkzeug,...
7.5AI Score
CVE-2024-34069 vulnerabilities
Vulnerabilities for packages: superset, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-werkzeug,...
7.5CVSS
7.8AI Score
0.0004EPSS
GHSA-X84C-P2G9-RQV9 vulnerabilities
Vulnerabilities for packages: buf, dagger, cri-tools, neuvector-scanner, melange, syft, docker-compose, wolfictl, helm-push, policy-controller, prometheus, tekton-pipelines, k3d, grype, harbor-scanner-trivy, docker,...
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, go, aactl, gatekeeper, cri-tools, flannel, istio-cni, nri-memcached, goreleaser, bazelisk, cloudflared, spark-operator, gptscript, configmap-reload, newrelic-infra-operator, containerd,...
6.8AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, grafana-agent-operator, chartmuseum, caddy, go, hcloud, dex, aws-ebs-csi-driver, oauth2-proxy, kustomize, loki, aactl, go-fips, cortex, cri-tools, git-lfs, step, istio-operator, flannel, sonobuoy,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, grafana-agent-operator, chartmuseum, caddy, go, hcloud, dex, aws-ebs-csi-driver, oauth2-proxy, kustomize, loki, aactl, go-fips, cortex, cri-tools, git-lfs, step, istio-operator, flannel, sonobuoy,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, go, aactl, gatekeeper, cri-tools, flannel, istio-cni, nri-memcached, bazelisk, local-static-provisioner, cloudflared, configmap-reload, newrelic-infra-operator, dagger, vcluster, go-md2man,...
5.5CVSS
6.1AI Score
0.0004EPSS
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard-metrics-scraper, gitlab-logger, docker-credential-ecr-login, grpcurl, gops, cilium-envoy, nsc, aws-flb-kinesis, go-bindata, flannel-cni-plugin, aactl, aws-flb-cloudwatch, sops, petname, cortex, slsa-verifier, docker-cli, nri-discovery-kubernetes,.....
7.5CVSS
7.9AI Score
0.001EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: tigera-operator, caddy, dex, oauth2-proxy, loki, vexctl, aactl, gatekeeper, libssh, cortex, slsa-verifier, git-lfs, step, istio-operator, istio-cni, argo-cd, goreleaser, kube-rbac-proxy, traefik, cloudflared, falco, vault, spark-operator, cosign, nats,...
5.9CVSS
7.1AI Score
0.963EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, dex, aws-ebs-csi-driver, kustomize, nri-apache, loki, vexctl, gatekeeper, speedtest-go, cortex, slsa-verifier, yam, cri-tools, nri-discovery-kubernetes, argo-cd, nri-memcached,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, dex, aws-ebs-csi-driver, kustomize, nri-apache, loki, vexctl, gatekeeper, speedtest-go, cortex, slsa-verifier, yam, cri-tools, nri-discovery-kubernetes, argo-cd, nri-memcached,...
7.5AI Score
GHSA-JJG7-2V4V-X38H vulnerabilities
Vulnerabilities for packages: kubeflow-katib, ggshield, kubeflow-pipelines-visualization-server, py3-idna, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-cassandra-medusa, datadog-agent, kubeflow-pipelines, confluent-docker-utils, k8s-sidecar, py3.10-tensorflow-core, dask-gateway, az,...
7.5AI Score
CVE-2024-32473 vulnerabilities
Vulnerabilities for packages: buf, dagger, cri-tools, neuvector-scanner, melange, syft, docker-compose, wolfictl, helm-push, policy-controller, prometheus, tekton-pipelines, k3d, grype, harbor-scanner-trivy, docker,...
4.7CVSS
4.9AI Score
0.0004EPSS
GHSA-H75V-3VVJ-5MFJ vulnerabilities
Vulnerabilities for packages: superset, pytorch, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-jinja2, confluent-docker-utils, dask-gateway,...
7.5AI Score
Vulnerabilities for packages: kubeflow-katib, ggshield, kubeflow-pipelines-visualization-server, py3-idna, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-cassandra-medusa, datadog-agent, kubeflow-pipelines, confluent-docker-utils, k8s-sidecar, py3.10-tensorflow-core, dask-gateway, az,...
6.7AI Score
EPSS
GHSA-G4MX-Q9VG-27P4 vulnerabilities
Vulnerabilities for packages: py3-urllib3, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-tensorflow-serving-api,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, go, aactl, gatekeeper, cri-tools, flannel, istio-cni, nri-memcached, goreleaser, bazelisk, cloudflared, spark-operator, gptscript, configmap-reload, newrelic-infra-operator, containerd,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, grafana-agent-operator, chartmuseum, caddy, go, hcloud, dex, aws-ebs-csi-driver, oauth2-proxy, kustomize, loki, aactl, cortex, cri-tools, git-lfs, step, istio-operator, flannel, sonobuoy,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, go, aactl, gatekeeper, cri-tools, flannel, istio-cni, nri-memcached, bazelisk, local-static-provisioner, cloudflared, configmap-reload, newrelic-infra-operator, dagger, vcluster, go-md2man,...
9.8CVSS
9.8AI Score
0.001EPSS
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, dex, aws-ebs-csi-driver, kustomize, nri-apache, loki, vexctl, gatekeeper, speedtest-go, cortex, slsa-verifier, yam, cri-tools, nri-discovery-kubernetes, argo-cd, nri-memcached,...
7.5AI Score
CVE-2024-34064 vulnerabilities
Vulnerabilities for packages: superset, pytorch, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-jinja2, confluent-docker-utils, dask-gateway,...
5.4CVSS
6.1AI Score
0.0004EPSS
CVE-2023-45803 vulnerabilities
Vulnerabilities for packages: py3-urllib3, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-tensorflow-serving-api,...
4.2CVSS
7.1AI Score
0.0004EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, dex, aws-ebs-csi-driver, kustomize, nri-apache, loki, vexctl, gatekeeper, speedtest-go, cortex, slsa-verifier, yam, cri-tools, nri-discovery-kubernetes, argo-cd, nri-memcached,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: litefs, tigera-operator, kubernetes-dashboard-metrics-scraper, chartmuseum, caddy, dex, aws-ebs-csi-driver, kustomize, nri-apache, loki, vexctl, gatekeeper, speedtest-go, cortex, slsa-verifier, yam, cri-tools, nri-discovery-kubernetes, argo-cd, nri-memcached,...
7.5AI Score
CVE-2024-26147 vulnerabilities
Vulnerabilities for packages: eksctl, helm-operator, cert-manager, k8sgpt, chartmuseum, k9s, istio-operator, kubescape, helm-push, zot, cilium-cli, trivy, kots, flux-helm-controller, flux-source-controller, zarf,...
7.5CVSS
7.7AI Score
0.0004EPSS
GHSA-V53G-5GJP-272R vulnerabilities
Vulnerabilities for packages: eksctl, helm-operator, cert-manager, k8sgpt, chartmuseum, k9s, istio-operator, kubescape, helm-push, zot, cilium-cli, trivy, kots, flux-helm-controller, flux-source-controller, zarf,...
7.5AI Score