Lucene search
+L

569 matches found

Virtuozzo
Virtuozzo
added 2025/06/26 12:0 a.m.24 views

Virtuozzo Hybrid Infrastructure 7.0 (7.0.0-250)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service, object and core storage, networking, as well as monitoring and alerts. Additionally, this release delivers stability improvements and addresses issues found in previous releases...

7.1AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2025/06/25 12:0 a.m.11 views

VulnCheck KEV: CVE-2024-48914

Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...

9.1CVSS6AI score0.59798EPSS
In wildExploits1References166
CNVD
CNVD
added 2025/06/06 12:0 a.m.3 views

FreeScout Security Bypass Vulnerability (CNVD-2025-20796)

FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that is caused by incorrect configuration of the root folder of the object Storage. An attacker could exploit the...

7CVSS6.9AI score0.0027EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/30 12:0 a.m.5 views

FreeScout 安全漏洞

FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that is caused by incorrect configuration of the root folder of the object Storage. An attacker could exploit the...

7CVSS6.8AI score0.0027EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/25 12:18 a.m.20 views

CVE-2025-2394

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service OSS, leading to sensitive data disclosure...

4.7CVSS6.6AI score0.00181EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:33 a.m.9 views

CVE-2023-27589

Minio is a Multi-Cloud Object Storage framework. Starting with RELEASE.2020-12-23T02-24-12Z and prior to RELEASE.2023-03-13T19-46-17Z, a user with consoleAdmin permissions can potentially create a user that matches the root credential accessKey. Once this user is created successfully, the root...

6.5CVSS6.7AI score0.00898EPSS
Exploits1References1
NVD
NVD
added 2025/05/23 1:15 a.m.10 views

CVE-2025-2394

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service OSS, leading to sensitive data disclosure...

4.7CVSS0.00181EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/23 12:3 a.m.4 views

CVE-2025-2394 Disclosure of Alibaba (OSS) Keys In Ecovacs Home Android and iOS Mobile Applications

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service OSS, leading to sensitive data disclosure...

4.7CVSS6.3AI score0.00181EPSS
Exploits0References2
CVE
CVE
added 2025/05/23 12:3 a.m.51 views

CVE-2025-2394

CVE-2025-2394 affects Ecovacs Home mobile apps (Android and iOS) up to version 3.3.0. The root cause is embedded Alibaba OSS access keys and secrets within the app, enabling potential sensitive data disclosure. The accompanying PT-2025-22570 advisory recommends removing or securely storing embedd...

4.7CVSS6.2AI score0.00181EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/23 12:3 a.m.18 views

CVE-2025-2394 Disclosure of Alibaba (OSS) Keys In Ecovacs Home Android and iOS Mobile Applications

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service OSS, leading to sensitive data disclosure...

4.7CVSS0.00181EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.5 views

ECOVACS HOME 安全漏洞

ECOVACS HOME is a smart home management software from ECOVACS, China. A security vulnerability exists in ECOVACS HOME 3.3.0 and prior versions, which originates from embedding Alibaba Object Storage Service access keys and secrets, which could lead to sensitive data leakage...

4.7CVSS6.6AI score0.00181EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.12 views

PT-2025-22570 · Ecovacs · Ecovacs Home

Name of the Vulnerable Software and Affected Versions: Ecovacs Home Android and iOS Mobile Applications versions up to 3.3.0 Description: The issue concerns the disclosure of sensitive data due to embedded access keys and secrets for Alibaba Object Storage Service OSS in the Ecovacs Home mobile...

4.7CVSS6.1AI score0.00181EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 8:43 p.m.6 views

CVE-2021-39900

Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary availability via Rails logs...

4CVSS5.8AI score0.00606EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:16 p.m.7 views

CVE-2020-13268

A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1...

5.3CVSS6.5AI score0.01071EPSS
Exploits0
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.5 views

NI Circuit Design Suite 安全漏洞

NI Circuit Design Suite is a circuit design suite from National Instruments NI that provides a complete set of tools for circuit design, simulation, verification, and layout. A security vulnerability exists in NI Circuit Design Suite version 14.3.0 and earlier, which stems from a stack buffer...

8.5CVSS6.7AI score0.0017EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:13 a.m.36 views

Security Bulletin: XSS vulnerability affects IBM Cloud Object Storage System (CVE-2021-39014)

Summary XSS vulnerability affects IBM Cloud Object Storage System CVE-2021-39014. This vulnerability has been addressed in the latest ClevOS releases. Vulnerability Details CVEID:CVE-2021-39014 DESCRIPTION: IBM Cloud Object System is vulnerable to stored cross-site scripting. This vulnerability...

6.4CVSS5.5AI score0.00365EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2025/04/22 12:0 a.m.3 views

Dell ECS Input Validation Error Vulnerability

Dell ECS is an enterprise-class object storage solution from Dell Technologies. Dell ECS suffers from an input validation error vulnerability that stems from the system failing to properly process specific inputs. No details of the vulnerability are provided at this time...

8.8CVSS6.3AI score0.00359EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/15 12:0 a.m.10 views

RHEL 6 / 7 : openstack-swift (RHSA-2015:1895)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1895 advisory. OpenStack Object Storage swift provides object storage in virtual containers, which allows users to store and retrieve files arbitrary data. The...

5CVSS7.1AI score0.02583EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/04/15 12:0 a.m.9 views

RHEL 6 / 7 : openstack-swift (RHSA-2015:1684)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1684 advisory. OpenStack Object Storage swift provides object storage in virtual containers, which allows users to store and retrieve files arbitrary data. The...

5.5CVSS6.4AI score0.03949EPSS
Exploits0References5
OSV
OSV
added 2025/04/14 11:14 a.m.47 views

BIT-MINIO-2025-31489 MinIO performs incomplete signature validation for unsigned-trailer uploads

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...

8.7CVSS5.9AI score0.02421EPSS
Exploits0References3
Rows per page
Query Builder