Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

31 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-2927

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.04299EPSS
Exploits0References8
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-0632

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00468EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-47108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary...

7.5CVSS6.8AI score0.04299EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/02/10 12:0 a.m.7 views

Azure Linux 3.0 Security Update: containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc (CVE-2023-47108)

The version of containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47108 advisory. - OpenTelemetry-Go Contrib is a collecti...

7.5CVSS6.8AI score0.04299EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2024/08/06 12:0 a.m.17 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2024-697)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-697 advisory. 2024-08-28: CVE-2024-24790 was added to this advisory. 2024-08-09: CVE-2023-47108 was removed from this advisory. 2024-08-09: The severity of this advisory has been changed from Important to...

9.8CVSS7AI score0.04299EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2024/02/19 12:0 a.m.34 views

Fedora 39 : caddy (2024-22b915e51a)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-22b915e51a advisory. Update to the latest upstream version, which includes a fix for CVE-2023-45142. https://github.com/caddyserver/caddy/releases/tag/v2.7.6 Tenable has extracte...

7.5CVSS8.1AI score0.01159EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2024/02/06 12:0 a.m.44 views

Amazon Linux 2 : containerd (ALASDOCKER-2024-037)

The version of containerd installed on the remote host is prior to 1.7.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2024-037 advisory. 2024-02-15: CVE-2023-39326 was added to this advisory. 2024-02-15: CVE-2023-47108 was added to this advisory. The...

7.5CVSS7AI score0.04299EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletinsadded 2024/01/30 8:15 a.m.73 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from go-yaml, OpenSSL, GnuTLS , OpenTelemetry-Go, go-toolset and urllib3

Summary OpenSSL, go-yaml, GnuTLS , OpenTelemetry-Go and urllib3 are consumed through RedHat UBI, go-toolset and OSE packages. These packages are shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID:CVE-2022-28948 DESCRIPTION: Go-Yaml is vulnerabl...

8.1CVSS8.3AI score0.01524EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessusadded 2024/01/23 12:0 a.m.24 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2024-499)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-499 advisory. 2024-08-09: CVE-2023-47108 was removed from this advisory. 2024-08-09: The severity of this advisory has been changed from Important to Medium.2024-04-10: CVE-2023-39326 was added to this advisory...

7.5CVSS6.9AI score0.04299EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2024/01/23 12:0 a.m.50 views

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2024-498)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-498 advisory. 2024-02-29: CVE-2023-47108 was added to this advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as...

7.5CVSS7AI score0.04299EPSS
Exploits0References10
Amazon
Amazonadded 2024/01/22 12:0 a.m.49 views

Important: amazon-cloudwatch-agent

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

7.5CVSS7.9AI score0.04299EPSS
Exploits0
Amazon
Amazonadded 2024/01/22 12:0 a.m.8 views

Important: amazon-cloudwatch-agent

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

7.5CVSS7.2AI score0.04299EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2024/01/18 12:0 a.m.46 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.9 (RHSA-2024:0207)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0207 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.1AI score0.04299EPSS
Exploits0References7
F5 Networks
F5 Networksadded 2024/01/16 8:8 p.m.40 views

K000138255: Go OpenTelemetry Contrib vulnerability CVE-2023-47108

Security Advisory Description OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS6.3AI score0.04299EPSS
Exploits0
NVD
NVDadded 2023/11/10 7:15 p.m.29 views

CVE-2023-47108

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS0.04299EPSS
Exploits0References7
Prion
Prionadded 2023/11/10 7:15 p.m.33 views

Code injection

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the server's potential memory exhaustio...

5CVSS7AI score0.04299EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCveadded 2023/11/10 7:15 p.m.31 views

CVE-2023-47108

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS6.8AI score0.04299EPSS
Exploits0References1
OSV
OSVadded 2023/11/10 6:31 p.m.30 views

CVE-2023-47108 DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS6.3AI score0.04299EPSS
Exploits0References9
Vulnrichment
Vulnrichmentadded 2023/11/10 6:31 p.m.12 views

CVE-2023-47108 DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS6AI score0.04299EPSS
Exploits0References7
Cvelist
Cvelistadded 2023/11/10 6:31 p.m.37 views

CVE-2023-47108 DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS7.6AI score0.04299EPSS
Exploits0References7
Rows per page
Query Builder