149 matches found

Chainguard
added 2024/03/05 11:15 p.m., 76 views

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: helm-operator-fips, nfs-subdir-external-provisioner-fips, cass-operator-fips-no-pvc-delete, gomplate, crossplane-provider-aws-kms, trust-manager, kube-rbac-proxy-fips, prometheus-node-exporter, osv-scanner, caddy-fips, flux-image-automation-controller,...

7.5 CVSS, 6.7 AI score, 0.01262 EPSS
Exploits: 0
Wolfi
added 2024/03/05 11:15 p.m., 570 views

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: grpcurl, terraform-docs, sbom-scorecard, nerdctl, clusterctl, s5cmd, cert-exporter, kubewatch, velero, nuclei, flux-helm-controller, capslock, task, crossplane-provider-azure, ip-masq-agent, gobuster, litefs, nri-nagios, kustomize, direnv, docker-credential-ecr-login...

4.3 CVSS, 6.7 AI score, 0.0108 EPSS
Exploits: 0
Wiz blog
added 2024/02/09 7:10 p.m., 19 views

New attack vectors in EKS

We explore how advancements in EKS Access Entries and Pod Identity have opened new attack vectors and offer examples of how adversaries could exploit them...

7.1 AI score
Exploits: 0
Wiz blog
added 2024/02/06 5:19 p.m., 16 views

New EKS Access Management and Pod Identity features: a security analysis

The Wiz research team unpacks the security implications of the new EKS access and identity management features and recommends best practices when using them...

7.4 AI score
Exploits: 0
Chainguard
added 2023/10/25 9:17 p.m., 83 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: prometheus-blackbox-exporter, kiam, cortex, terraform-provider-sendgrid-fips, dynamic-localpv-provisioner-fips, src, conftest-fips, kubescape, prometheus-adapter-fips, k3d, prometheus-stackdriver-exporter, slsa-verifier, buildkitd, kubeflow, vault-csi-provider,...

5.9 AI score
Exploits: 0
Kitploit
added 2023/08/04 12:30 p.m., 20 views

IMDShift - Automates Migration Process Of Workloads To IMDSv2 To Avoid SSRF Attacks

AWS workloads that rely on the metadata endpoint are vulnerable to Server-Side Request Forgery (SSRF) attacks. IMDShift automates the migration process of all workloads to IMDSv2 with extensive capabilities, which implements enhanced security measures to protect against these attacks. Features...

7.1 AI score
Exploits: 0, References: 2
Chainguard
added 2023/08/02 8:15 p.m., 53 views

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: prometheus-blackbox-exporter, prometheus-mongodb-exporter, nfs-subdir-external-provisioner-fips, nfs-subdir-external-provisioner, gomplate, dive, falcoctl, trust-manager, pulumi, volume-modifier-for-k8s-fips, prometheus-node-exporter, flux-image-automation-controller...

6.1 CVSS, 6.6 AI score, 0.00843 EPSS
Exploits: 0
ATTACKERKB
added 2023/07/17 2:15 p.m., 3 views

CVE-2023-2959

Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users. This issue affects Oliva Expertise EKS: before 1.2...

7.5 CVSS, 7.1 AI score, 0.00526 EPSS
Exploits: 0, References: 3
OSV
added 2023/07/17 2:15 p.m., 3 views

CVE-2023-2963

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection. This issue affects Oliva Expertise EKS: before 1.2...

9.8 CVSS, 5.8 AI score, 0.00519 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2023/07/17 2:15 p.m., 4 views

CVE-2023-2963

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection. This issue affects Oliva Expertise EKS: before 1.2...

9.8 CVSS, 7.4 AI score, 0.00519 EPSS
Exploits: 0, References: 3
NVD
added 2023/07/17 2:15 p.m., 18 views

CVE-2023-2960

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Oliva Expertise Oliva Expertise EKS allows Cross-Site Scripting (XSS). This issue affects Oliva Expertise EKS: before 1.2...

6.1 CVSS, 0.00312 EPSS
Exploits: 0, References: 2
NVD
added 2023/07/17 2:15 p.m., 21 views

CVE-2023-2963

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection. This issue affects Oliva Expertise EKS: before 1.2...

9.8 CVSS, 0.00519 EPSS
Exploits: 0, References: 2
NVD
added 2023/07/17 2:15 p.m., 17 views

CVE-2023-2959

Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users. This issue affects Oliva Expertise EKS: before 1.2...

7.5 CVSS, 0.00526 EPSS
Exploits: 0, References: 2
OSV
added 2023/07/17 2:15 p.m., 1 views

CVE-2023-2959

Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users. This issue affects Oliva Expertise EKS: before 1.2...

7.5 CVSS, 5.8 AI score, 0.00526 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2023/07/17 2:15 p.m., 5 views

CVE-2023-2960

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Oliva Expertise Oliva Expertise EKS allows Cross-Site Scripting (XSS). This issue affects Oliva Expertise EKS: before 1.2...

6.1 CVSS, 6.4 AI score, 0.00312 EPSS
Exploits: 0, References: 3
Prion
added 2023/07/17 2:15 p.m., 14 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection. This issue affects Oliva Expertise EKS: before 1.2...

7.5 CVSS, 9.7 AI score, 0.00519 EPSS
Exploits: 0, References: 1, Affected Software: 1
Prion
added 2023/07/17 2:15 p.m., 11 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Oliva Expertise Oliva Expertise EKS allows Cross-Site Scripting (XSS). This issue affects Oliva Expertise EKS: before 1.2...

5.8 CVSS, 6.1 AI score, 0.00312 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2023/07/17 1:33 p.m., 41 views

CVE-2023-2963 SQLi in Oliva Expertise

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection. This issue affects Oliva Expertise EKS: before 1.2...

9.8 CVSS, 10 AI score, 0.00519 EPSS
Exploits: 0, References: 2
CVE
added 2023/07/17 1:33 p.m., 27 views

CVE-2023-2963

CVE-2023-2963 is a SQL Injection vulnerability in Oliva Expertise EKS, caused by improper neutralization of special elements in SQL commands. Affected product: Oliva Expertise EKS prior to version 1.2. Impact described in connected records: high confidentiality, integrity, and availability risks ...

9.8 CVSS, 7.4 AI score, 0.00519 EPSS
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2023/07/17 1:33 p.m., 32 views

CVE-2023-2963 SQLi in Oliva Expertise

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection. This issue affects Oliva Expertise EKS: before 1.2...

9.8 CVSS, 7.4 AI score, 0.00519 EPSS
Exploits: 0, References: 2