CVE-2024-25710 vulnerabilities
Vulnerabilities for packages: neo4j, spdx-tools-java, dependency-track, trino, opensearch, jenkins, wavefront-proxy,...
8.1CVSS
7AI Score
0.001EPSS
GHSA-4265-CCF5-PHJ5 vulnerabilities
Vulnerabilities for packages: neo4j, spdx-tools-java, dependency-track, trino, opensearch, jenkins, wavefront-proxy,...
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, goreleaser, dgraph, dotnet, node-problem-detector, terraform, terraform-provider-azurerm, bom, prometheus-bind-exporter, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...
7.5CVSS
9AI Score
0.732EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terragrunt, terraform, terraform-provider-azurerm, clusterctl, crossplane, k8sgpt-operator, newrelic-infra-operator, prometheus-bind-exporter, zot,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.8AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, docker-cli, q, zot, opentofu, memcached-exporter, haproxy-ingress, ingress-nginx-controller, argo-cd, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller,...
6.8AI Score
0.0004EPSS
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...
5.5CVSS
6.1AI Score
0.0004EPSS
Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terraform, bom, k8sgpt-operator, prometheus-bind-exporter, zot, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terragrunt, terraform, terraform-provider-azurerm, clusterctl, crossplane, k8sgpt-operator, newrelic-infra-operator, prometheus-bind-exporter, zot,...
6.6AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.5AI Score
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, docker-cli, q, zot, opentofu, memcached-exporter, haproxy-ingress, ingress-nginx-controller, argo-cd, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...
9.8CVSS
9.8AI Score
0.001EPSS
8.2CVSS
6.8AI Score
0.001EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terraform, bom, k8sgpt-operator, go, prometheus-bind-exporter, zot, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm,...
7.5CVSS
8.4AI Score
0.002EPSS
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: pulumi-language-java, goreleaser, keda, kubescape, rclone, zarf, falco, grafana, terragrunt, crossplane, tkn, boring-registry, pulumi-language-dotnet, apko, zot, crossplane-provider-aws, aactl, policy-controller, terraform-provider-google, pulumi, argo-cd,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.5AI Score
CVE-2024-26308 vulnerabilities
Vulnerabilities for packages: neo4j, spdx-tools-java, dependency-track, trino, opensearch, jenkins, wavefront-proxy,...
5.5CVSS
7AI Score
0.001EPSS
7.1CVSS
6.9AI Score
0.0004EPSS
GHSA-4G9R-VXHX-9PGX vulnerabilities
Vulnerabilities for packages: neo4j, spdx-tools-java, dependency-track, trino, opensearch, jenkins, wavefront-proxy,...
7.5AI Score
7.5AI Score
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, cert-manager, pulumi-language-java, goreleaser, grype, keda, calico, dgraph, kubescape, node-problem-detector, falco, prometheus-blackbox-exporter, spark-operator, terraform-provider-azurerm, k3d, metrics-server, secrets-store-csi-driver,...
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, goreleaser, dgraph, dotnet, node-problem-detector, terraform, terraform-provider-azurerm, bom, prometheus-bind-exporter, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.8AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.8AI Score
0.0004EPSS
GHSA-MW99-9CHC-XW7R vulnerabilities
Vulnerabilities for packages: go-licenses, pulumi-language-java, goreleaser, bom, kots, zot, pulumi-language-dotnet, apko, nuclei, pulumi, argo-cd, gitsign, gomplate, pulumi-language-yaml, pulumi-kubernetes-operator, tekton-pipelines, gitness, src-fingerprint, kubevela, scorecard,...
7.5AI Score
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terraform, bom, k8sgpt-operator, go, prometheus-bind-exporter, zot, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm,...
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, pulumi-language-java, kube-state-metrics, goreleaser, dgraph, node-problem-detector, terraform, bom, k8sgpt-operator, prometheus-bind-exporter, zot, telegraf, minio, memcached-exporter, opentofu, haproxy-ingress, helm, gke-gcloud-auth-plugin,...
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
7.5AI Score
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: nri-postgresql, velero-plugin-for-csi, terragrunt, nsc, nri-mssql, q, opentofu, memcached-exporter, pluto, haproxy-ingress, ingress-nginx-controller, cluster-autoscaler, gomplate, kyverno, flux-image-automation-controller, kubernetes-csi-external-resizer, lazygit,...
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: docker-credential-acr-env, aws-efs-csi-driver, pulumi-language-java, amass, kube-state-metrics, mage, nri-nagios, goreleaser, dgraph, node-problem-detector, terraform, clusterctl, nri-mssql, crossplane, bom, k8sgpt-operator, docker-cli, mockery,...
6AI Score
0.0004EPSS
CVE-2023-49568 vulnerabilities
Vulnerabilities for packages: go-licenses, pulumi-language-java, goreleaser, bom, kots, zot, pulumi-language-dotnet, apko, nuclei, pulumi, argo-cd, gitsign, gomplate, pulumi-language-yaml, pulumi-kubernetes-operator, tekton-pipelines, gitness, src-fingerprint, kubevela, scorecard,...
7.5CVSS
7.8AI Score
0.0005EPSS
7.5AI Score
3.3CVSS
6.5AI Score
0.001EPSS
Metasploit Weekly Wrap-Up 06/28/2024
Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...
9.8CVSS
9AI Score
0.005EPSS
Security Bulletin: IBM Cognos Transformer is affected by security vulnerabilities
Summary Vulnerabilities in IBM® Java™ Version 8 that is consumed by IBM Cognos Transformer have been addressed. Please refer to the table in the Related Information section for vulnerability impact. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An unspecified vulnerability in Java.....
7.5CVSS
7AI Score
0.001EPSS
The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the...
7.5CVSS
7.7AI Score
0.0005EPSS
Summary Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions (CVE-2024-2466, CVE-2024-2004, CVE-2024-2379) or cause a denial of service (CVE-2024-2398). PowerSC uses Curl as part of PowerSC Trusted Network Connect (TNC). Vulnerability Details ** CVEID:...
7.5AI Score
0.0004EPSS
The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the...
7.5CVSS
7.7AI Score
0.0005EPSS
The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the...
7.5CVSS
0.0005EPSS
The CycloneDX core module provides a model representation of the SBOM along with utilities to assist in creating, validating, and parsing SBOMs. Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the...
7.5CVSS
0.0005EPSS
Summary The SANnav Management Portal and Global View products are affected due to a Jave SE issue. The affected issue has been addressed and can be resolved by applying the SANnav code level listed below. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968,...
7.4CVSS
7.1AI Score
0.002EPSS
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability....
6.3AI Score
0.0004EPSS
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to perform a DNS poisoning attack on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
6.9AI Score
0.0004EPSS
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability...
7.1AI Score
0.0004EPSS
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause excessive CPU consumption on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details.....
7.1AI Score
EPSS