Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/10 1:55 p.m.35 views

CVE-2026-53470 Migration-planner: getsourcedownloadurl missing organization check

A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the /api/v1/sources/id/image-url endpoint. This flaw allows the attacker to bypass an ownership check and obtain presigned S3 URLs for Open Virtual Appliance OVA images...

9.6CVSS0.0028EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 1:55 p.m.8 views

CVE-2026-53470

A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the /api/v1/sources/id/image-url endpoint. This flaw allows the attacker to bypass an ownership check and obtain presigned S3 URLs for Open Virtual Appliance OVA images...

9.6CVSS5.5AI score0.0028EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.11 views

PT-2026-48444

Name of the Vulnerable Software and Affected Versions migration-planner affected versions not specified Description An improper access control flaw exists in the '/api/v1/sources/id/image-url' endpoint. An authenticated attacker can bypass ownership checks to obtain presigned S3 URLs for Open...

9.6CVSS5.9AI score0.0028EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.14 views

Migration assessment 安全漏洞

Migration assessment is an open-source tool developed by KubeV2V for evaluating and providing migration recommendations for VMware environments. There is a security vulnerability in Migration assessment. This vulnerability stems from the /api/v1/sources/id/image-url endpoint, where improper acces...

9.6CVSS5.3AI score0.0028EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/26 7:17 p.m.18 views

Security Bulletin: IBM API Connect V 2018 (ova) is impacted by weak cryptographic algorithms (CVE-2020-4452)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-4452 DESCRIPTION: IBM API Connect uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 5.9 CVSS Temporal...

7.5CVSS1.1AI score0.00792EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/19 2:45 p.m.34 views

Security Bulletin: API Connect V2018 is impacted by a directory traversal vulnerability in Kubernetes (CVE-2019-1002101)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-1002101 DESCRIPTION: Kubernetes could allow a remote attacker to traverse directories on the system, caused by the improper handling of symlinks. By persuading a victim to use the kubectl cp...

6.4CVSS1.2AI score0.13164EPSS
Exploits2Affected Software1
Rows per page
Query Builder