CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1876 matches found

Cvelist•added 2023/08/08 9:2 p.m.•20 views

CVE-2023-39951 Instrumentation for AWS SDK v2 captures email content when using Amazon Simple Email Service (SES) v1 API, exposing that content to the telemetry backend

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. OpenTelemetry Java Instrumentation prior to version 1.28.0 contains an issue related to the instrumentation of Java applications using the AWS SDK v2 with Amazon Simple Email...

6.5CVSS6.5AI score0.00672EPSS

Exploits1References3

Vulnrichment•added 2023/08/08 9:2 p.m.•16 views

CVE-2023-39951 Instrumentation for AWS SDK v2 captures email content when using Amazon Simple Email Service (SES) v1 API, exposing that content to the telemetry backend

6.5CVSS6.4AI score0.00672EPSS

Exploits1References3

CNNVD•added 2023/08/08 12:0 a.m.•3 views

OpenTelemetry Instrumentation for Java Information Disclosure Vulnerability

OpenTelemetry Instrumentation for Java is an OpenTelemetry open source Java agent JAR. An information disclosure vulnerability exists in OpenTelemetry Instrumentation for Java prior to version 1.28.0, which stems from the fact that when detecting a SES POST request, the request's query parameter ...

6.5CVSS6.2AI score0.00672EPSS

Exploits1References5

Positive Technologies•added 2023/08/08 12:0 a.m.•3 views

PT-2023-27169 · Amazon · Aws Sdk +1

Name of the Vulnerable Software and Affected Versions: OpenTelemetry Java Instrumentation versions prior to 1.28.0 Description: The issue is related to the instrumentation of Java applications using the AWS SDK v2 with Amazon Simple Email Service SES v1 API. When SES POST requests are instrumente...

6.5CVSS6.3AI score0.00672EPSS

Exploits1References8

Microsoft Secure•added 2023/08/03 10:0 a.m.•9 views

Cyber Signals: Sporting events and venues draw cyberthreats at increasing rates

Today we released the fifth edition of Cyber Signals, spotlighting threats to large venues, and sporting and entertainment events, based on our learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the State of Qatar’s hosting of the FIFA World...

6.7AI score

Exploits0

The Hacker News•added 2023/07/26 10:2 a.m.•35 views

New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks

Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence AI tool dubbed FraudGPT on various dark web marketplaces and Telegram channels. "This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear...

6.5AI score

Exploits0

BDU FSTEC•added 2023/07/26 12:0 a.m.•5 views

The vulnerability of the Connected User Experiences and Telemetry operating system service allows attackers to enhance their privileges.

The vulnerability of the Connected User Experiences and Telemetry services in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS6.9AI score0.00459EPSS

Exploits0References2

BDU FSTEC•added 2023/07/26 12:0 a.m.•3 views

The vulnerability of Connected User Experiences and Telemetry Services for Windows operating systems allows attackers to execute processes with elevated privileges.

The vulnerability of Connected User Experiences and Telemetry Services in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to execute processes with elevated privileges through a specially created application...

7.8CVSS7.5AI score0.00513EPSS

Exploits0References3