Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today...
7.8AI Score
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, velero, thanos, kuberay-operator, terraform-provider-azurerm, argo-workflows, helm, kpt, ctop,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.8AI Score
0.0004EPSS
Vulnerabilities for packages: argo-cd, cluster-autoscaler, aws-efs-csi-driver,...
8.8CVSS
8.9AI Score
0.001EPSS
Vulnerabilities for packages: kubernetes-dns-node-cache, node-feature-discovery, kubernetes-csi-driver-hostpath, aws-ebs-csi-driver, ip-masq-agent, cluster-autoscaler, calico, spark-operator, nodetaint, kubernetes,...
2.7CVSS
4.3AI Score
0.0004EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: external-dns, dynamic-localpv-provisioner, argo-cd, thanos, terraform-provider-azurerm, helm, kpt, amass, grpcurl, fuse-overlayfs-snapshotter, coredns, hey, git-lfs, traefik, gatekeeper, pulumi-language-java, minio, hugo, vault-csi-provider, nri-prometheus, aactl,...
7.5CVSS
9AI Score
0.732EPSS
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: nerdctl, datadog-agent, newrelic-infrastructure-agent, k3s, k9s, ctop, k3d, ingress-nginx-controller, kubescape, syft, wolfictl, docker, kubernetes, nvidia-device-plugin, zot, trivy, cadvisor, kaniko, telegraf, zarf, kots, runc, grype, buildkitd, skaffold,...
8.6CVSS
9.2AI Score
0.051EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, velero, thanos, kuberay-operator, terraform-provider-azurerm, argo-workflows, helm, kpt, ctop,...
6.7AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.5AI Score
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: restic, external-dns, step-ca, grafana-agent-operator, secrets-store-csi-driver-provider-azure, velero, prometheus, kyverno, keda, thanos, cert-manager, chezmoi, teleport, cortex, argo-workflows, rook, harbor-registry, falcoctl, fluent-bit-plugin-loki, ksops, guac,...
5.5CVSS
6.1AI Score
0.0004EPSS
GHSA-M5VV-6R4H-3VJ9 vulnerabilities
Vulnerabilities for packages: restic, external-dns, step-ca, grafana-agent-operator, secrets-store-csi-driver-provider-azure, velero, prometheus, kyverno, keda, thanos, cert-manager, chezmoi, teleport, cortex, argo-workflows, rook, harbor-registry, falcoctl, fluent-bit-plugin-loki, ksops, guac,...
7.5AI Score
GHSA-Q78C-GWQW-JCMC vulnerabilities
Vulnerabilities for packages: argo-cd, cluster-autoscaler, aws-efs-csi-driver,...
7.5AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: nri-jmx, gobump, external-dns, kuberay-operator, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, kube-rbac-proxy, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached, kor,...
6.8AI Score
0.0004EPSS
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: nri-jmx, gobump, dagger, external-dns, kuberay-operator, neuvector-controller, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached,....
6.5AI Score
0.0004EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, kyverno-policy-reporter, external-dns, dynamic-localpv-provisioner, tigera-operator, argo-cd, dockerize, thanos, terraform-provider-azurerm, argo-workflows, helm, docker-credential-acr-env, src-fingerprint, terragrunt, amass,...
5.9CVSS
7.1AI Score
0.962EPSS
Vulnerabilities for packages: flux-image-automation-controller, external-dns, dynamic-localpv-provisioner, argo-cd, thanos, helm, kpt, grpcurl, kube-fluentd-operator, prometheus-operator, fuse-overlayfs-snapshotter, coredns, vault, hey, git-lfs, zot, kube-state-metrics,...
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: gobump, external-dns, extism, dynamic-localpv-provisioner, libnvidia-container, grafana-operator, dockerize, tigera-operator, thanos, hello-world-golang, helm, docker-credential-acr-env, docker-credential-gcr, kpt, src-fingerprint, ctop, grpcurl, kubebuilder, rclone,.....
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: gobump, external-dns, extism, dynamic-localpv-provisioner, libnvidia-container, grafana-operator, dockerize, tigera-operator, thanos, hello-world-golang, helm, docker-credential-acr-env, docker-credential-gcr, kpt, src-fingerprint, ctop, grpcurl, kubebuilder, rclone,.....
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: nri-jmx, gobump, external-dns, kuberay-operator, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, kube-rbac-proxy, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached, kor,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: gobump, external-dns, extism, dynamic-localpv-provisioner, libnvidia-container, grafana-operator, dockerize, tigera-operator, thanos, hello-world-golang, helm, docker-credential-acr-env, docker-credential-gcr, kpt, src-fingerprint, ctop, grpcurl, kubebuilder, rclone,.....
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: nri-jmx, gobump, dagger, external-dns, kuberay-operator, neuvector-controller, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached,....
6.5AI Score
0.0004EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, external-dns, dynamic-localpv-provisioner, argo-cd, thanos, helm, kpt, amass, grpcurl, kube-fluentd-operator, prometheus-operator, fuse-overlayfs-snapshotter, coredns, vault, hey, git-lfs, zot, kube-state-metrics,...
7.5CVSS
8.4AI Score
0.002EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.5AI Score
CVE-2023-47108 vulnerabilities
Vulnerabilities for packages: temporal-server, kubevela, envoy-ratelimit, kubernetes-csi-external-resizer, temporal, cri-tools, kubescape, containerd, aws-ebs-csi-driver, argo-cd, docker-compose, k3s, keda, cert-manager, kubernetes, kyverno,...
7.5CVSS
7.7AI Score
0.001EPSS
GHSA-8PGV-569H-W5RW vulnerabilities
Vulnerabilities for packages: temporal-server, kubevela, envoy-ratelimit, kubernetes-csi-external-resizer, temporal, cri-tools, kubescape, containerd, aws-ebs-csi-driver, argo-cd, docker-compose, k3s, keda, cert-manager, kubernetes, kyverno,...
7.5AI Score
Vulnerabilities for packages: kubernetes-dns-node-cache, prometheus-adapter, aws-ebs-csi-driver, ip-masq-agent, cluster-autoscaler, aws-efs-csi-driver, calico, nodetaint,...
8.8CVSS
8.1AI Score
0.001EPSS
GHSA-HQ6Q-C2X6-HMCH vulnerabilities
Vulnerabilities for packages: kubernetes-dns-node-cache, prometheus-adapter, aws-ebs-csi-driver, ip-masq-agent, cluster-autoscaler, aws-efs-csi-driver, calico, nodetaint,...
7.5AI Score
6.5CVSS
6.2AI Score
0.0004EPSS
7.5AI Score
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: nri-jmx, gobump, dagger, external-dns, kuberay-operator, neuvector-controller, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached,....
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, external-dns, dynamic-localpv-provisioner, argo-cd, thanos, helm, kpt, grpcurl, kube-fluentd-operator, prometheus-operator, fuse-overlayfs-snapshotter, coredns, vault, hey, git-lfs, zot, kube-state-metrics,...
7.5AI Score
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: node-problem-detector, kubevela, envoy-ratelimit, influxd, dgraph, external-dns, pulumi-kubernetes-operator, gitlab-pages, mc, dynamic-localpv-provisioner, argo-cd, cluster-autoscaler, aws-efs-csi-driver, prometheus, keda, kubeflow-katib, cert-manager, spark-operator,....
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: external-dns, dynamic-localpv-provisioner, argo-cd, thanos, terraform-provider-azurerm, helm, kpt, amass, grpcurl, fuse-overlayfs-snapshotter, coredns, hey, git-lfs, traefik, gatekeeper, pulumi-language-java, minio, hugo, vault-csi-provider, nri-prometheus, aactl,...
7.5AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, kyverno-policy-reporter, external-dns, dynamic-localpv-provisioner, tigera-operator, argo-cd, dockerize, thanos, terraform-provider-azurerm, argo-workflows, helm, docker-credential-acr-env, src-fingerprint, terragrunt, amass,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.8AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, external-dns, dynamic-localpv-provisioner, argo-cd, thanos, helm, kpt, amass, grpcurl, kube-fluentd-operator, prometheus-operator, fuse-overlayfs-snapshotter, coredns, vault, hey, git-lfs, zot, kube-state-metrics,...
7.5AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
7.8AI Score
0.0004EPSS
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: gobump, external-dns, extism, dynamic-localpv-provisioner, libnvidia-container, grafana-operator, dockerize, tigera-operator, thanos, hello-world-golang, helm, docker-credential-acr-env, docker-credential-gcr, kpt, src-fingerprint, ctop, grpcurl, kubebuilder, rclone,.....
6.5AI Score
0.0004EPSS
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: nri-jmx, gobump, dagger, external-dns, kuberay-operator, neuvector-controller, fuse-overlayfs-snapshotter, direnv, kube-state-metrics, cri-tools, node-feature-discovery, flux-image-reflector-controller, fulcio, cadvisor, prometheus-nats-exporter, shfmt, nri-memcached,....
7.5AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: flux-image-automation-controller, datadog-agent, kyverno-policy-reporter, dagger, external-dns, dynamic-localpv-provisioner, tigera-operator, grafana-operator, argo-cd, dockerize, velero, thanos, kuberay-operator, speedtest-go, esbuild, hello-world-golang, helm,...
5.9AI Score
0.0004EPSS
GHSA-PXHW-596R-RWQ5 vulnerabilities
Vulnerabilities for packages: kubernetes-dns-node-cache, node-feature-discovery, kubernetes-csi-driver-hostpath, aws-ebs-csi-driver, ip-masq-agent, cluster-autoscaler, calico, spark-operator, nodetaint, kubernetes,...
7.5AI Score
GHSA-XR7R-F8XQ-VFVV vulnerabilities
Vulnerabilities for packages: nerdctl, datadog-agent, newrelic-infrastructure-agent, k3s, k9s, ctop, k3d, ingress-nginx-controller, kubescape, syft, wolfictl, docker, kubernetes, nvidia-device-plugin, zot, trivy, cadvisor, kaniko, telegraf, zarf, kots, runc, grype, buildkitd, skaffold,...
7.5AI Score
Exploit for OS Command Injection in Php
CVE-2024-4577 In PHP when using Apache and PHP-CGI on...
9.8CVSS
8.7AI Score
0.932EPSS
CVE-2022-3162 affecting package kube-vip-cloud-provider 0.0.2-16
CVE-2022-3162 affecting package kube-vip-cloud-provider 0.0.2-16. No patch is available...
6.5CVSS
7AI Score
0.001EPSS
CVE-2023-44487 affecting package csi-driver-lvm for versions less than 0.4.1-13
CVE-2023-44487 affecting package csi-driver-lvm for versions less than 0.4.1-13. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2023-0215 affecting package cloud-hypervisor 22.0-2
CVE-2023-0215 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
7.5CVSS
8.4AI Score
0.004EPSS