Lucene search
+L

59 matches found

Malwarebytes
Malwarebytes
added yesterday7 views

Shark vacuum flaw exposes cameras, home maps and Wi-Fi passwords

Shark’s cloud-connected robot vacuums are currently exposed by an unpatched AWS Amazon Web Services IoT Internet of Things policy flaw that could turn one compromised device into a remote-control skeleton key for many others in the same region, with access to cameras, maps, and Wi‑Fi passwords. A...

6AI score
Exploits0
Chainguard
Chainguard
added 2026/07/08 2:17 a.m.12 views

CVE-2026-53203 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp, linux-qemu-melange...

7.1CVSS5.1AI score0.00153EPSS
Exploits0
Chainguard
Chainguard
added 2026/07/08 2:17 a.m.11 views

GHSA-GVRM-XH5G-W8V6 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp, linux-qemu-melange...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/07/08 2:17 a.m.6 views

GHSA-WFX4-V2WF-4GMP vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp, linux-qemu-melange...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/07/08 2:17 a.m.11 views

GHSA-MRV3-46FP-R6HH vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp, linux-qemu-melange...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/07/08 2:17 a.m.8 views

CVE-2026-53216 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp, linux-qemu-melange...

9.8CVSS5.1AI score0.00546EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/16 1:18 a.m.18 views

CVE-2026-31600 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp...

7.5CVSS7.2AI score0.0029EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/16 1:18 a.m.28 views

GHSA-4GX5-8RX4-VXMJ vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp...

5.3AI score
Exploits0
OSV
OSV
added 2026/04/10 3:16 a.m.5 views

UBUNTU-CVE-2026-33551

An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted application credential to call the EC2 credential creation API, an authenticated user with only a reader role...

5.3CVSS5.8AI score0.0022EPSS
Exploits1References5
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.9 views

GHSA-WGXF-R68R-7W9H vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.6 views

CVE-2025-38205 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp...

5.5CVSS5.5AI score0.00129EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.7 views

CVE-2026-23210 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp...

4.7CVSS4.9AI score0.00106EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.7 views

CVE-2026-23226 vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp...

8.8CVSS8AI score0.00423EPSS
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.8 views

GHSA-G4VW-3HQ5-Q7GR vulnerabilities

Vulnerabilities for packages: linux-azure, linux-vmware, linux-qemu, linux-aws, linux-gcp...

5.3AI score
Exploits0
EUVD
EUVD
added 2026/04/01 9:44 p.m.3 views

EUVD-2026-18019

Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints...

6.5CVSS5.9AI score0.00341EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/01 7:51 p.m.9 views

CVE-2026-34750

Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...

6.5CVSS5.8AI score0.00341EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/01 9:35 a.m.4 views

CLEANSTART-2026-ZW38648 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-p77j-4mvh-x3m3 applied in versions: 1.12.2-r2, 1.12.2-r3

Multiple security vulnerabilities affect the velero-plugin-for-aws package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.8AI score0.01945EPSS
Exploits4References22
Snyk
Snyk
added 2026/03/11 10:40 p.m.7 views

Incorrect Authorization

Overview @studiocms/s3-storage is an Add S3 Storage Support into your StudioCMS project. Affected versions of this package are vulnerable to Incorrect Authorization via the S3ApiService POST/PUT handlers in the S3 storage manager. An attacker can gain full S3 file management upload, delete, renam...

7.6CVSS5.8AI score0.00183EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/09 9:8 p.m.2 views

CVE-2026-1776 Camaleon CMS AWS Uploader Authenticated Path Traversal Arbitrary File Read

Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

6CVSS5.8AI score0.00732EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/02 9:20 p.m.5 views

EUVD-2026-9265

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVPaes128ccm, EVPaes192ccm, and EVPaes256ccm. Customers of AWS servic...

8.2CVSS5.9AI score0.01079EPSS
Exploits0References2
Rows per page
Query Builder