Sdk, Java Technology Edition Security Vulnerabilities

wolfi

CVE-2024-25710 vulnerabilities

Vulnerabilities for packages: neo4j, spdx-tools-java, dependency-track, trino, opensearch, jenkins, wavefront-proxy,...

8.1CVSS

7AI Score

0.001EPSS

2024-06-29 09:08 PM
94
wolfi

GHSA-4265-CCF5-PHJ5 vulnerabilities

Vulnerabilities for packages: neo4j, spdx-tools-java, dependency-track, trino, opensearch, jenkins, wavefront-proxy,...

7.5AI Score

2024-06-29 09:08 PM
95
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, goreleaser, dgraph, dotnet, node-problem-detector, terraform, terraform-provider-azurerm, bom, prometheus-bind-exporter, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...

7.5CVSS

9AI Score

0.732EPSS

2024-06-29 09:08 PM
626
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terragrunt, terraform, terraform-provider-azurerm, clusterctl, crossplane, k8sgpt-operator, newrelic-infra-operator, prometheus-bind-exporter, zot,...

7.5AI Score

2024-06-29 09:08 PM
184
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.8AI Score

0.0004EPSS

2024-06-29 09:08 PM
195
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, docker-cli, q, zot, opentofu, memcached-exporter, haproxy-ingress, ingress-nginx-controller, argo-cd, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller,...

6.8AI Score

0.0004EPSS

2024-06-29 09:08 PM
58
wolfi

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...

5.5CVSS

6.1AI Score

0.0004EPSS

2024-06-29 09:08 PM
26
wolfi

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terraform, bom, k8sgpt-operator, prometheus-bind-exporter, zot, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...

6.1CVSS

7.3AI Score

0.001EPSS

2024-06-29 09:08 PM
94
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terragrunt, terraform, terraform-provider-azurerm, clusterctl, crossplane, k8sgpt-operator, newrelic-infra-operator, prometheus-bind-exporter, zot,...

6.6AI Score

0.0004EPSS

2024-06-29 09:08 PM
30
wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.8AI Score

0.0004EPSS

2024-06-29 09:08 PM
42
wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.5AI Score

2024-06-29 09:08 PM
28
wolfi

GHSA-5MG8-W23W-74H3 vulnerabilities

Vulnerabilities for packages: trino, maven, gradle,...

7.5AI Score

2024-06-29 09:08 PM
11
wolfi

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, docker-cli, q, zot, opentofu, memcached-exporter, haproxy-ingress, ingress-nginx-controller, argo-cd, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller,...

7.5AI Score

2024-06-29 09:08 PM
20
wolfi

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...

9.8CVSS

9.8AI Score

0.001EPSS

2024-06-29 09:08 PM
52
wolfi

CVE-2023-1732 vulnerabilities

Vulnerabilities for packages: pulumi-language-java,...

8.2CVSS

6.8AI Score

0.001EPSS

2024-06-29 09:08 PM
28
wolfi

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terraform, bom, k8sgpt-operator, go, prometheus-bind-exporter, zot, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm,...

7.5CVSS

8.4AI Score

0.002EPSS

2024-06-29 09:08 PM
50
wolfi

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: pulumi-language-java, goreleaser, keda, kubescape, rclone, zarf, falco, grafana, terragrunt, crossplane, tkn, boring-registry, pulumi-language-dotnet, apko, zot, crossplane-provider-aws, aactl, policy-controller, terraform-provider-google, pulumi, argo-cd,...

7.5AI Score

2024-06-29 09:08 PM
45
wolfi

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.5AI Score

2024-06-29 09:08 PM
24
wolfi

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.5AI Score

2024-06-29 09:08 PM
22
wolfi

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.5AI Score

2024-06-29 09:08 PM
21
wolfi

CVE-2024-26308 vulnerabilities

Vulnerabilities for packages: neo4j, spdx-tools-java, dependency-track, trino, opensearch, jenkins, wavefront-proxy,...

5.5CVSS

7AI Score

0.001EPSS

2024-06-29 09:08 PM
25
wolfi

CVE-2023-2976 vulnerabilities

Vulnerabilities for packages: trino, maven, gradle,...

7.1CVSS

6.9AI Score

0.0004EPSS

2024-06-29 09:08 PM
32
wolfi

GHSA-4G9R-VXHX-9PGX vulnerabilities

Vulnerabilities for packages: neo4j, spdx-tools-java, dependency-track, trino, opensearch, jenkins, wavefront-proxy,...

7.5AI Score

2024-06-29 09:08 PM
6
wolfi

GHSA-2Q89-485C-9J2X vulnerabilities

Vulnerabilities for packages: pulumi-language-java,...

7.5AI Score

2024-06-29 09:08 PM
11
wolfi

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, cert-manager, pulumi-language-java, goreleaser, grype, keda, calico, dgraph, kubescape, node-problem-detector, falco, prometheus-blackbox-exporter, spark-operator, terraform-provider-azurerm, k3d, metrics-server, secrets-store-csi-driver,...

7.5AI Score

2024-06-29 09:08 PM
98
wolfi

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, goreleaser, dgraph, dotnet, node-problem-detector, terraform, terraform-provider-azurerm, bom, prometheus-bind-exporter, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...

7.5AI Score

2024-06-29 09:08 PM
26
wolfi

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.8AI Score

0.0004EPSS

2024-06-29 09:08 PM
20
wolfi

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.8AI Score

0.0004EPSS

2024-06-29 09:08 PM
22
wolfi

GHSA-MW99-9CHC-XW7R vulnerabilities

Vulnerabilities for packages: go-licenses, pulumi-language-java, goreleaser, bom, kots, zot, pulumi-language-dotnet, apko, nuclei, pulumi, argo-cd, gitsign, gomplate, pulumi-language-yaml, pulumi-kubernetes-operator, tekton-pipelines, gitness, src-fingerprint, kubevela, scorecard,...

7.5AI Score

2024-06-29 09:08 PM
16
wolfi

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...

7.5AI Score

2024-06-29 09:08 PM
3
wolfi

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terraform, bom, k8sgpt-operator, go, prometheus-bind-exporter, zot, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm,...

7.5AI Score

2024-06-29 09:08 PM
19
wolfi

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terraform, bom, k8sgpt-operator, prometheus-bind-exporter, zot, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...

7.5AI Score

2024-06-29 09:08 PM
28
wolfi

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

7.5AI Score

2024-06-29 09:08 PM
25
wolfi

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...

7.5AI Score

2024-06-29 09:08 PM
4
wolfi

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...

6AI Score

0.0004EPSS

2024-06-29 09:08 PM
20
wolfi

CVE-2023-49568 vulnerabilities

Vulnerabilities for packages: go-licenses, pulumi-language-java, goreleaser, bom, kots, zot, pulumi-language-dotnet, apko, nuclei, pulumi, argo-cd, gitsign, gomplate, pulumi-language-yaml, pulumi-kubernetes-operator, tekton-pipelines, gitness, src-fingerprint, kubevela, scorecard,...

7.5CVSS

7.8AI Score

0.0005EPSS

2024-06-29 09:08 PM
29
wolfi

GHSA-7G45-4RM6-3MM3 vulnerabilities

Vulnerabilities for packages: trino, maven, gradle,...

7.5AI Score

2024-06-29 09:08 PM
7
wolfi

CVE-2020-8908 vulnerabilities

Vulnerabilities for packages: trino, maven, gradle,...

3.3CVSS

6.5AI Score

0.001EPSS

2024-06-29 09:08 PM
15
rapid7blog

Metasploit Weekly Wrap-Up 06/28/2024

Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...

9.8CVSS

9AI Score

0.005EPSS

2024-06-28 08:36 PM
1
ibm

Security Bulletin: IBM Cognos Transformer is affected by security vulnerabilities

Summary Vulnerabilities in IBM® Java™ Version 8 that is consumed by IBM Cognos Transformer have been addressed. Please refer to the table in the Related Information section for vulnerability impact. Vulnerability Details CVEID: CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java.....

7.5CVSS

7AI Score

0.001EPSS

2024-06-28 07:56 PM
1
redhatcve

CVE-2024-38374

The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the...

7.5CVSS

7.7AI Score

0.0005EPSS

2024-06-28 07:20 PM
ibm

Security Bulletin: PowerSC is vulnerable to security restrictions bypass and denial of service due to Curl

Summary Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions (CVE-2024-2466, CVE-2024-2004, CVE-2024-2379) or cause a denial of service (CVE-2024-2398). PowerSC uses Curl as part of PowerSC Trusted Network Connect (TNC). Vulnerability Details CVEID:...

7.5AI Score

0.0004EPSS

2024-06-28 07:04 PM
2
cve

CVE-2024-38374

The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the...

7.5CVSS

7.7AI Score

0.0005EPSS

2024-06-28 06:15 PM
15
nvd

CVE-2024-38374

The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the...

7.5CVSS

0.0005EPSS

2024-06-28 06:15 PM
2
cvelist

CVE-2024-38374 Improper Restriction of XML External Entity Reference in org.cyclonedx:cyclonedx-core-java

The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the...

7.5CVSS

0.0005EPSS

2024-06-28 06:01 PM
1
ibm

Security Bulletin: SANnav software used by IBM b-type SAN directors and switches is affected by Oracle Java SE vulnerabilities

Summary The SANnav Management Portal and Global View products are affected due to a Java SE issue. The affected issue has been addressed and can be resolved by applying the SANnav code level listed below. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968,...

7.4CVSS

7.1AI Score

0.002EPSS

2024-06-28 05:46 PM
3
ibm

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-30171

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow a remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability....

6.3AI Score

0.0004EPSS

2024-06-28 03:28 PM
ibm

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-34447

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to perform a DNS poisoning attack on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

6.9AI Score

0.0004EPSS

2024-06-28 03:25 PM
ibm

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-30172

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability...

7.1AI Score

0.0004EPSS

2024-06-28 03:24 PM
ibm

Security Bulletin: Vulnerability in Bouncy Castle Crypto Package For Java affects IBM Process Mining CVE-2024-29857

Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause excessive CPU consumption on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details.....

7.1AI Score

EPSS

2024-06-28 03:19 PM
1
Total number of security vulnerabilities: 106032