566 matches found
EUVD-2021-8692
Malicious code in bioql PyPI...
EUVD-2022-3307
Malicious code in bioql PyPI...
EUVD-2022-3554
Malicious code in bioql PyPI...
EUVD-2022-4873
Malicious code in bioql PyPI...
EUVD-2023-1573
Malicious code in bioql PyPI...
EUVD-2024-1541
Malicious code in bioql PyPI...
EUVD-2023-29705
Malicious code in bioql PyPI...
EUVD-2021-8679
Malicious code in bioql PyPI...
CVE-2025-57682
Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API...
GHSA-GWRF-JF3H-W649 vulnerabilities
Vulnerabilities for packages: octo-sts, pvc-autoresizer, custom-pod-autoscaler-operator, cloud-provider-aws, container-object-storage-interface, addon-resizer, gostatsd, nats, newrelic-fluent-bit-output, secrets-store-csi-driver-provider-aws, k8sgpt-operator, kube-vip, vexctl, lvm-driver,...
GHSA-GWRF-JF3H-W649 vulnerabilities
Vulnerabilities for packages: docker-credential-ecr-login, custom-pod-autoscaler-operator, container-object-storage-interface, secrets-store-csi-driver-provider-aws, shfmt, gitsign, knative-eventing, kube-logging-operator-custom-runner-fips, cloud-provider-aws, newrelic-fluent-bit-output,...
An Inside Look at our Next Gen Object Storage Launch
...
Linux Distros Unpatched Vulnerability : CVE-2021-39900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary...
Malicious code in object-storage-service (npm)
The package object-storage-service was found to contain malicious code...
MAL-2025-34706 Malicious code in tencentcloud-cos-sdk-react-native (npm)
The package tencentcloud-cos-sdk-react-native was found to contain malicious code...
MAL-2025-28044 Malicious code in object-storage-service (npm)
The package object-storage-service was found to contain malicious code...
Security Bulletin: Vulnerability with spring-security-crypto and jinja affect IBM Cloud Object Storage Systems (July 2025)
Summary Vulnerability with spring-security-crypto CVE-2025-22228 and jinja CVE-2025-27516 . This vulnerability has been addressed in the latest ClevOS release. Vulnerability Details CVEID:CVE-2025-22228 DESCRIPTION: BCryptPasswordEncoder.matchesCharSequence,String will incorrectly return true for...
Virtuozzo Hybrid Infrastructure 7.0 (7.0.0-250)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service, object and core storage, networking, as well as monitoring and alerts. Additionally, this release delivers stability improvements and addresses issues found in previous releases...
VulnCheck KEV: CVE-2024-48914
Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...
FreeScout Security Bypass Vulnerability (CNVD-2025-20796)
FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that is caused by incorrect configuration of the root folder of the object Storage. An attacker could exploit the...