EUVD-2024-36563

Malicious code in bioql PyPI...

OpenAtlas 跨站脚本漏洞

OpenAtlas is an Android non-proxy dynamic deployment framework from the Austrian company OpenAtlas. A cross-site scripting vulnerability exists in OpenAtlas version v8.9.0, which stems from insufficient validation of user input in a POST request and could lead to a cross-site scripting attack...

OpenAtlas 跨站脚本漏洞

OpenAtlas is an Android non-proxy dynamic deployment framework from the Austrian company OpenAtlas. A cross-site scripting vulnerability exists in OpenAtlas version v8.9.0, which stems from insufficient validation of user input in a POST request and could lead to a cross-site scripting attack...

CVE-2024-37293

The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...

CVE-2024-37293

The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...

CVE-2024-37293 aws-deployment-framework's potential risk can lead to privilege escalation

The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...

CVE-2024-37293 aws-deployment-framework's potential risk can lead to privilege escalation

The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...

CVE-2024-37293

The CVE concerns the AWS Deployment Framework (ADF) bootstrap process. Prior to v4.0.0, the bootstrap CodeBuild role could call sts:AssumeRole without restrictions, enabling escalation to any AWS account in the organization with elevated privileges. Patches are included in aws-deployment-framewor...

CVE-2024-37293 aws-deployment-framework's potential risk can lead to privilege escalation

The AWS Deployment Framework ADF is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or resources via the structure defined in AWS Organizations...

Amazon AWS Deployment Framework Security Vulnerability

Amazon AWS Deployment Framework is a broad and flexible framework from Amazon.com, Inc. for managing and deploying resources across multiple AWS accounts and regions within an AWS organization. A security vulnerability exists in Amazon AWS Deployment Framework versions prior to 4.0.0 that stems...

PT-2024-27450 · Amazon · Aws-Deployment-Framework

Name of the Vulnerable Software and Affected Versions: aws-deployment-framework versions prior to 4.0.0 Description: The AWS Deployment Framework ADF contains a bootstrap process that relies on elevated privileges to deploy ADF's bootstrap stacks, facilitating multi-account cross-region...

DoD Secure Host Baseline

NSA Information Assurance configuration guidance and files in support of the DoD Secure Host Baseline The Secure Host Baseline SHB provides an automated and flexible approach for assisting the DoD in deploying the latest releases of Windows 10 using a framework that can be consumed by organizatio...