VGPU Software (guest Driver - Linux), VGPU Software (Virtual GPU Manager - Citrix Hypervisor, VMware VSphere, Red Hat Enterprise Linux KVM), , NVIDIA Cloud Gaming (guest Driver - Linux), NVIDIA Cloud Gaming (Virtual GPU Manager - Red Hat Enterprise Linux KVM) Security Vulnerabilities

CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13

CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13. A patched version of the package is...

CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5

CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5. An upgraded version of the package is available that resolves this...

CVE-2023-45853 affecting package rubygem-mini_portile2 for versions less than 2.8.0-1

CVE-2023-45853 affecting package rubygem-mini_portile2 for versions less than 2.8.0-1. A patched version of the package is...

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...

CVE-2023-44487 affecting package packer for versions less than 1.8.1-14

CVE-2023-44487 affecting package packer for versions less than 1.8.1-14. A patched version of the package is...

CVE-2024-24788 affecting package golang for versions less than 1.22.3-1

CVE-2024-24788 affecting package golang for versions less than 1.22.3-1. A patched version of the package is...

CVE-2024-30204 affecting package emacs for versions less than 29.3

CVE-2024-30204 affecting package emacs for versions less than 29.3. A patched version of the package is...

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...

CVE-2023-44487 affecting package opa for versions less than 0.50.2-6

CVE-2023-44487 affecting package opa for versions less than 0.50.2-6. A patched version of the package is...

CVE-2023-44487 affecting package nmi for versions less than 1.8.7-14

CVE-2023-44487 affecting package nmi for versions less than 1.8.7-14. This CVE either no longer is or was never...

CVE-2023-44487 affecting package kubernetes for versions less than 1.28.3-1

CVE-2023-44487 affecting package kubernetes for versions less than 1.28.3-1. A patched version of the package is...

CVE-2023-29406 affecting package golang for versions less than 1.20.7-1

CVE-2023-29406 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-39323 affecting package golang for versions less than 1.20.10-1

CVE-2023-39323 affecting package golang for versions less than 1.20.10-1. A patched version of the package is...

CVE-2023-29409 affecting package golang for versions less than 1.20.7-1

CVE-2023-29409 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10

CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5

CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...

CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1

CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1. This CVE either no longer is or was never...

CVE-2023-44487 affecting package node-problem-detector for versions less than 0.8.10-16

CVE-2023-44487 affecting package node-problem-detector for versions less than 0.8.10-16. A patched version of the package is...

CVE-2023-44487 affecting package multus for versions less than 3.8-12

CVE-2023-44487 affecting package multus for versions less than 3.8-12. A patched version of the package is...

CVE-2023-24538 affecting package golang for versions less than 1.19.8-1

CVE-2023-24538 affecting package golang for versions less than 1.19.8-1. A patched version of the package is...

CVE-2023-44487 affecting package coredns for versions less than 1.11.1-1

CVE-2023-44487 affecting package coredns for versions less than 1.11.1-1. A patched version of the package is...

CVE-2023-39325 affecting package coredns for versions less than 1.9.3-9

CVE-2023-39325 affecting package coredns for versions less than 1.9.3-9. A patched version of the package is...

CVE-2023-29400 affecting package golang for versions less than 1.20.7-1

CVE-2023-29400 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-24534 affecting package golang for versions less than 1.20.7-1

CVE-2023-24534 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-39533 affecting package golang for versions less than 1.19.12-1

CVE-2023-39533 affecting package golang for versions less than 1.19.12-1. A patched version of the package is...

CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2

CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2. This CVE either no longer is or was never...

CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15

CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15. A patched version of the package is...

CVE-2023-39325 affecting package opa for versions less than 0.50.2-6

CVE-2023-39325 affecting package opa for versions less than 0.50.2-6. A patched version of the package is...

CVE-2023-44487 affecting package local-path-provisioner for versions less than 0.0.21-12

CVE-2023-44487 affecting package local-path-provisioner for versions less than 0.0.21-12. A patched version of the package is...

CVE-2023-44487 affecting package kubevirt for versions less than 0.59.0-9

CVE-2023-44487 affecting package kubevirt for versions less than 0.59.0-9. A patched version of the package is...

CVE-2023-44487 affecting package jx for versions less than 3.2.236-13

CVE-2023-44487 affecting package jx for versions less than 3.2.236-13. A patched version of the package is...

CVE-2023-44487 affecting package influxdb for versions less than 2.6.1-11

CVE-2023-44487 affecting package influxdb for versions less than 2.6.1-11. A patched version of the package is...

CVE-2023-24539 affecting package golang for versions less than 1.20.7-1

CVE-2023-24539 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2022-41725 affecting package golang for versions less than 1.19.5-1

CVE-2022-41725 affecting package golang for versions less than 1.19.5-1. A patched version of the package is...

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2022-41724 affecting package golang for versions less than 1.19.6-1

CVE-2022-41724 affecting package golang for versions less than 1.19.6-1. A patched version of the package is...

CVE-2023-39325 affecting package golang for versions less than 1.20.7-2

CVE-2023-39325 affecting package golang for versions less than 1.20.7-2. A patched version of the package is...

CVE-2024-5662 Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) <= 3.11.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Count (Static) Widget

The Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the Social Count (Static) widget in all versions up to,.....

CVE-2024-5662 Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) <= 3.11.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Count (Static) Widget

The Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the Social Count (Static) widget in all versions up to,.....

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and...

BIT-gitlab-2024-1493

An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, with the processing logic for generating link in dependency files can lead to a regular expression DoS attack on the...

BIT-gitlab-2024-1816

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenAPI...

BIT-gitlab-2024-2191

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows merge request title to be visible publicly despite being set as project members...

BIT-gitlab-2024-3115

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo...

BIT-gitlab-2024-3959

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts can be accessed by any...

CVE-2024-30135 Sensitive Information Disclosure vulnerability affects DRYiCE AEX v10

HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is...

BIT-gitlab-2024-4011

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project member to promote key results to...

BIT-gitlab-2024-4557

Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1 which allowed an attacker to cause resource exhaustion via banzai...

BIT-gitlab-2024-4901

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit...

BIT-gitlab-2024-5430

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer can delete the merge request approval policy via...