PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS
PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
EPSS
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
EPSS
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: falcoctl, neuvector-sigstore-interface, ko, kubescape, gitsign, tekton-chains, melange, spire-server, zot, wolfictl, flux-source-controller, falco, goreleaser, skaffold, zarf, apko, aactl, policy-controller, slsa-verifier, vexctl,...
7.5AI Score
Vulnerabilities for packages: falcoctl, flux-kustomize-controller, cert-manager, gh, cosign, gitlab-kas, k3s, kubescape, neuvector-sigstore-interface, argo-cd, terraform, gitsign, ksops, keda, sops, flux-image-reflector-controller, nuclei, flux-notification-controller, consul,...
6CVSS
6AI Score
0.0004EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: cilium-envoy, argo-cd, dgraph, kaf, pulumi, prometheus-adapter, gitness, nghttp2, newrelic-infrastructure-agent, falco, dotnet, nats, kpt, prometheus-stackdriver-exporter, gomplate, metacontroller, tctl, thanos, kubevela, node-problem-detector, aactl, haproxy-ingress,....
7.5CVSS
9AI Score
0.732EPSS
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: flux-kustomize-controller, cilium-envoy, cert-manager, cosign, kubescape, argo-cd, istio-pilot-discovery, gitsign, keda, sops, dex, oauth2-proxy, tekton-chains, tekton-pipelines, external-secrets-operator, spire-server, flux-source-controller, falco, kots, traefik,...
7.5AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: k3s, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, argo-cd, thanos-operator, gcsfuse, boring-registry, cilium, nuclei, dgraph, tekton-chains, kaf, pulumi, spire-server, doppler-kubernetes-operator, zot, prometheus-adapter, cri-tools, gitness,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: k3s, bazelisk, paranoia, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, helm-push, argo-cd, flannel-cni-plugin, nri-mssql, thanos-operator, wait-for-port, esbuild, gcsfuse, nuclei, dgraph, wazero, mage, direnv, nri-haproxy, nri-nginx, kaf,...
7.8AI Score
0.0004EPSS
7.5AI Score
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, argo-cd, flux-notification-controller, melange,...
7.5CVSS
7.7AI Score
0.0005EPSS
GHSA-X84C-P2G9-RQV9 vulnerabilities
Vulnerabilities for packages: syft, k3d, docker-compose, policy-controller, tekton-pipelines, helm-push, kaniko, wolfictl, cri-tools, buf, harbor-scanner-trivy, neuvector-scanner, prometheus, grype, melange, docker,...
7.5AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: k3s, kubescape, nerdctl, ingress-nginx-controller, kaniko, grype, docker, ctop, buildkitd, zot, wolfictl, nvidia-device-plugin, telegraf, newrelic-infrastructure-agent, k9s, datadog-agent, syft, k3d, runc, kots, skaffold, kubernetes, trivy, zarf, cadvisor,...
8.6CVSS
9.2AI Score
0.051EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: cert-manager, kubescape, helm-push, kaniko, grype, melange, tekton-pipelines, ctop, up, fuse-overlayfs-snapshotter, zot, gitness, flux-source-controller, telegraf, newrelic-infrastructure-agent, cilium-cli, k3d, flux-helm-controller, kots, skaffold, eksctl, trivy,...
7.5AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: chartmuseum, istio-operator, flux-helm-controller, cert-manager, up, kubescape, kots, helm-push, trivy, zot, zarf, flux-source-controller, eksctl, helm-operator, k9s, k8sgpt,...
6.4CVSS
6.7AI Score
0.0004EPSS
GHSA-R53H-JV2G-VPX6 vulnerabilities
Vulnerabilities for packages: chartmuseum, istio-operator, flux-helm-controller, cert-manager, up, kubescape, kots, helm-push, trivy, zot, zarf, flux-source-controller, eksctl, helm-operator, k9s, k8sgpt,...
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: tfsec, wait-for-port, argo-cd, mods, boring-registry, cilium, tekton-chains, wazero, kaf, spire-server, shfmt, gitlab-logger, kube-rbac-proxy, metacontroller, grafana, kubevela, istio-cni, haproxy-ingress, temporal, cluster-api-controller, velero-plugin-for-aws,...
6.8AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: tfsec, ghaudit, paranoia, tigera-operator, wait-for-port, hcloud, grafana-operator, helm-push, mods, boring-registry, dgraph, tekton-chains, mage, direnv, rabbitmq-default-user-credential-updater, kaf, src-fingerprint, zot, go-md2man, prometheus-adapter, shfmt,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: tfsec, ghaudit, paranoia, tigera-operator, wait-for-port, hcloud, grafana-operator, helm-push, mods, boring-registry, dgraph, tekton-chains, mage, direnv, rabbitmq-default-user-credential-updater, kaf, src-fingerprint, zot, go-md2man, prometheus-adapter, shfmt,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: tfsec, wait-for-port, mods, boring-registry, cilium, tekton-chains, wazero, kaf, spire-server, shfmt, gitlab-logger, fluent-operator, rook, metacontroller, grafana, kubevela, istio-cni, haproxy-ingress, temporal, cluster-api-controller, velero-plugin-for-aws,...
5.5CVSS
6.1AI Score
0.0004EPSS
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: falcoctl, flux-kustomize-controller, cert-manager, gh, cosign, gitlab-kas, k3s, kubescape, neuvector-sigstore-interface, argo-cd, terraform, gitsign, ksops, keda, sops, flux-image-reflector-controller, nuclei, flux-notification-controller, consul,...
7.5AI Score
Vulnerabilities for packages: k3s, argo-cd, thanos-operator, dgraph, kaf, pulumi, zot, prometheus-adapter, gitness, nfs-subdir-external-provisioner, newrelic-infrastructure-agent, prometheus-node-exporter, kpt, prometheus-stackdriver-exporter, gomplate, metacontroller, tctl, thanos, kubevela,...
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: k3s, tigera-operator, kubeflow-pipelines, nerdctl, helm-push, nri-mssql, argo-cd, boring-registry, dgraph, tekton-chains, kaf, src-fingerprint, pulumi, spire-server, zot, prometheus-adapter, gitness, nfs-subdir-external-provisioner, prometheus-node-exporter, falco,...
5.9CVSS
7.1AI Score
0.963EPSS
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: falcoctl, k3s, cert-manager, timoni, cosign, kubescape, nerdctl, istio-pilot-discovery, gitsign, flux-image-reflector-controller, kubeflow-katib, tekton-chains, scorecard, tekton-pipelines, ctop, up, pulumi, buildkitd, crane, zot, cri-tools, telegraf,...
7.8CVSS
7.5AI Score
0.001EPSS
GHSA-M5VV-6R4H-3VJ9 vulnerabilities
Vulnerabilities for packages: falcoctl, flux-kustomize-controller, cert-manager, cosign, kubescape, restic, secrets-store-csi-driver-provider-azure, teleport, sqlpad, ksops, step, keda, sops, flux-image-reflector-controller, nuclei, boring-registry, chezmoi, tekton-chains, grafana-mimir,...
7.5AI Score
GHSA-3F2Q-6294-FMQ5 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, argo-cd, flux-notification-controller, melange,...
7.5AI Score
7.8CVSS
9.2AI Score
0.001EPSS
7.5AI Score
7.5AI Score
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: k3s, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, argo-cd, thanos-operator, gcsfuse, boring-registry, cilium, nuclei, dgraph, tekton-chains, kaf, pulumi, spire-server, doppler-kubernetes-operator, zot, prometheus-adapter, cri-tools, gitness,...
6.6AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: k3s, bazelisk, paranoia, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, helm-push, argo-cd, flannel-cni-plugin, nri-mssql, thanos-operator, wait-for-port, esbuild, gcsfuse, nuclei, dgraph, wazero, mage, direnv, nri-haproxy, nri-nginx, kaf,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: k3s, bazelisk, paranoia, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, helm-push, argo-cd, flannel-cni-plugin, nri-mssql, thanos-operator, wait-for-port, esbuild, gcsfuse, nuclei, dgraph, wazero, mage, direnv, nri-haproxy, nri-nginx, kaf,...
7.5AI Score
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: falcoctl, flux-kustomize-controller, cert-manager, cosign, kubescape, restic, secrets-store-csi-driver-provider-azure, teleport, sqlpad, ksops, step, keda, sops, flux-image-reflector-controller, nuclei, boring-registry, chezmoi, tekton-chains, grafana-mimir,...
5.5CVSS
6AI Score
0.0004EPSS
CVE-2024-32473 vulnerabilities
Vulnerabilities for packages: syft, k3d, docker-compose, policy-controller, tekton-pipelines, helm-push, kaniko, wolfictl, cri-tools, buf, harbor-scanner-trivy, neuvector-scanner, prometheus, grype, melange, docker,...
4.7CVSS
4.9AI Score
0.0004EPSS
GHSA-88JX-383Q-W4QC vulnerabilities
Vulnerabilities for packages: falcoctl, neuvector-sigstore-interface, ko, kubescape, gitsign, tekton-chains, melange, spire-server, zot, wolfictl, flux-source-controller, falco, goreleaser, skaffold, zarf, apko, aactl, policy-controller, slsa-verifier, vexctl,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: tfsec, wait-for-port, argo-cd, mods, boring-registry, cilium, tekton-chains, wazero, kaf, spire-server, shfmt, gitlab-logger, kube-rbac-proxy, metacontroller, grafana, kubevela, istio-cni, haproxy-ingress, temporal, cluster-api-controller, velero-plugin-for-aws,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: tfsec, ghaudit, paranoia, tigera-operator, wait-for-port, hcloud, grafana-operator, helm-push, mods, boring-registry, dgraph, tekton-chains, mage, direnv, rabbitmq-default-user-credential-updater, kaf, src-fingerprint, zot, go-md2man, prometheus-adapter, shfmt,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: tfsec, wait-for-port, mods, boring-registry, cilium, tekton-chains, wazero, kaf, spire-server, shfmt, gitlab-logger, fluent-operator, rook, metacontroller, grafana, kubevela, istio-cni, haproxy-ingress, temporal, cluster-api-controller, velero-plugin-for-aws,...
9.8CVSS
9.8AI Score
0.001EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: k3s, argo-cd, thanos-operator, dgraph, tekton-chains, kaf, pulumi, zot, prometheus-adapter, gitness, nfs-subdir-external-provisioner, newrelic-infrastructure-agent, prometheus-node-exporter, falco, nats, kpt, prometheus-stackdriver-exporter, gomplate, metacontroller,.....
7.5CVSS
8.4AI Score
0.002EPSS
CVE-2023-46737 vulnerabilities
Vulnerabilities for packages: aactl, ko, cosign, kubescape, goreleaser, policy-controller, slsa-verifier, spire-server, skaffold, tkn, falco, tekton-chains, melange,...
5.3CVSS
5.1AI Score
0.0005EPSS
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: flux-kustomize-controller, cosign, kubescape, argo-cd, gitsign, kaniko, keda, sops, crossplane, boring-registry, flux-notification-controller, flux-image-automation-controller, melange, tekton-chains, scorecard, actions-runner-controller, pulumi-kubernetes-operator,...
7.5AI Score
GHSA-C5Q2-7R4C-MV6G vulnerabilities
Vulnerabilities for packages: falcoctl, flux-kustomize-controller, cert-manager, ko, cosign, nerdctl, argo-cd, istio-pilot-discovery, gitsign, step, keda, dex, cilium, oauth2-proxy, dgraph, tekton-chains, melange, rabbitmq-messaging-topology-operator, minio, tekton-pipelines,...
7.5AI Score
GHSA-VFP6-JRW2-99G9 vulnerabilities
Vulnerabilities for packages: aactl, ko, cosign, kubescape, goreleaser, policy-controller, slsa-verifier, spire-server, skaffold, tkn, falco, tekton-chains, melange,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: k3s, bazelisk, paranoia, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, helm-push, argo-cd, flannel-cni-plugin, nri-mssql, thanos-operator, wait-for-port, esbuild, gcsfuse, nuclei, dgraph, wazero, mage, direnv, nri-haproxy, nri-nginx, kaf,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: k3s, bazelisk, paranoia, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, helm-push, argo-cd, flannel-cni-plugin, nri-mssql, thanos-operator, wait-for-port, esbuild, gcsfuse, nuclei, dgraph, wazero, mage, direnv, nri-haproxy, nri-nginx, kaf,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: k3s, bazelisk, paranoia, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, helm-push, argo-cd, flannel-cni-plugin, nri-mssql, thanos-operator, wait-for-port, esbuild, gcsfuse, nuclei, dgraph, wazero, mage, direnv, nri-haproxy, nri-nginx, kaf,...
7.5AI Score
CVE-2024-26147 vulnerabilities
Vulnerabilities for packages: chartmuseum, istio-operator, flux-helm-controller, cert-manager, up, kubescape, kots, helm-push, trivy, zot, zarf, flux-source-controller, eksctl, helm-operator, k9s, k8sgpt,...
7.5CVSS
7.7AI Score
0.0004EPSS
9.8CVSS
9.9AI Score
0.005EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: k3s, bazelisk, paranoia, gh, tigera-operator, kubeflow-pipelines, nerdctl, grafana-operator, helm-push, argo-cd, flannel-cni-plugin, nri-mssql, thanos-operator, wait-for-port, esbuild, gcsfuse, nuclei, dgraph, wazero, mage, direnv, nri-haproxy, nri-nginx, kaf,...
7.8AI Score
0.0004EPSS
CVE-2024-29902 vulnerabilities
Vulnerabilities for packages: falcoctl, neuvector-sigstore-interface, ko, kubescape, gitsign, tekton-chains, melange, spire-server, zot, wolfictl, flux-source-controller, falco, goreleaser, skaffold, zarf, apko, aactl, policy-controller, slsa-verifier, vexctl,...
4.2CVSS
4.5AI Score
0.0004EPSS
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: tfsec, wait-for-port, mods, boring-registry, cilium, tekton-chains, wazero, kaf, spire-server, shfmt, gitlab-logger, fluent-operator, rook, metacontroller, grafana, kubevela, istio-cni, haproxy-ingress, temporal, cluster-api-controller, velero-plugin-for-aws,...
7.5AI Score