Lucene search
+L

223 matches found

Snyk
Snyk
added 2026/04/14 12:4 a.m.4 views

Missing Authentication for Critical Function

Overview github.com/minio/minio/cmd is an open source object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the PutObjectExtractHandler, PutObjectHandler, and PutObjectPartHandler function. An...

8.8CVSS5.8AI score0.00418EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/11 12:0 a.m.15 views

PT-2026-34231

Name of the Vulnerable Software and Affected Versions MinIO versions RELEASE.2023-05-18T00-05-36Z through RELEASE.2026-04-11T03-20-12Z Description An authentication bypass exists in the Snowball auto-extract handler PutObjectExtractHandler. This issue allows a user with a valid access key to writ...

8.8CVSS5.8AI score0.00418EPSS
Exploits0References11
EUVD
EUVD
added 2026/03/30 7:42 p.m.6 views

EUVD-2026-17206

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. From version 2.14.2 to before version 2.17.0 for parameters "before" and "after" and from version 2.1.0-beta to before version 2.17.0 for parameters "sectionid" and "userid", the /api/v2?cmd=gethomestats endpoint passe...

4.9CVSS5.9AI score0.004EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.6 views

CVE-2026-4219

A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument...

4.8CVSS5.3AI score0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/23 9:36 p.m.3 views

CVE-2026-32913 OpenClaw < 2026.3.7 - Custom Authorization Header Leakage via Cross-Origin Redirects

OpenClaw before 2026.3.7 contains an improper header validation vulnerability in fetchWithSsrFGuard that forwards custom authorization headers across cross-origin redirects. Attackers can trigger redirects to different origins to intercept sensitive headers like X-Api-Key and Private-Token intend...

9.3CVSS5.8AI score0.00316EPSS
Exploits0References3
CNVD
CNVD
added 2026/03/19 12:0 a.m.5 views

WordPress Plugin wpDiscuz Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin wpDiscuz, which stems fr...

6.9CVSS5.8AI score0.00274EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2026-12353

A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument...

4.8CVSS5.3AI score0.00104EPSS
Exploits0References5
NVD
NVD
added 2026/03/16 2:20 p.m.4 views

CVE-2026-4219

A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument...

4.8CVSS0.00104EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/16 6:2 a.m.1 views

CVE-2026-4219 INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App ae.index.apgcs BuildConfig.java hard-coded credentials

A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument...

4.8CVSS5.3AI score0.00104EPSS
Exploits0References4
CVE
CVE
added 2026/03/16 5:2 a.m.24 views

CVE-2026-4217

CVE-2026-4217 affects XREAL Nebula App up to version 3.2.1 on Android. The vulnerability resides in ai.nreal.nebula.universal’s CloudStoragePlugin.java (ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java) where manipulation of accessKey/secretAccessKey/securityToken can lead to unprotected sto...

2.5CVSS5AI score0.00097EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

INDEX Conferences and Exhibitions Organization YWF BPOF APGCS App 安全漏洞

INDEX Conferences and Exhibitions Organization YWF BPOF APGCS App is an application for organizing conferences and exhibitions. Versions of INDEX Conferences and Exhibitions Organization YWF BPOF APGCS App prior to 1.0.2 have security vulnerabilities. These vulnerabilities stem from improper...

4.8CVSS5.8AI score0.00104EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.7 views

PT-2026-25618

A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument ACCESS...

4.8CVSS5.3AI score0.00104EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.7 views

CVE-2025-62879

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens both accessKey and secretKey into the rancher-backup-operator pod's logs...

6.8CVSS5.8AI score0.0034EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/05 7:20 p.m.8 views

EUVD-2026-9849

Incorrect Authorization vulnerability in hexpm hexpm/hexpm 'Elixir.HexpmWeb.API.OAuthController' module allows Privilege Escalation. An API key created with read-only permissions domain: "api", resource: "read" can be escalated to full write access under specific conditions. When exchanging a...

7CVSS6AI score0.00323EPSS
Exploits0References2
NVD
NVD
added 2026/03/04 4:16 p.m.11 views

CVE-2025-62879

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens both accessKey and secretKey into the rancher-backup-operator pod's logs...

6.8CVSS0.0034EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/04 3:8 p.m.6 views

CVE-2025-62879

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens both accessKey and secretKey into the rancher-backup-operator pod's logs...

6.8CVSS5.8AI score0.0034EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/04 3:8 p.m.4 views

CVE-2025-62879 Rancher Backup Operator pod's logs leak S3 tokens

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens both accessKey and secretKey into the rancher-backup-operator pod's logs...

6.8CVSS5.8AI score0.0034EPSS
Exploits0References2
OSV
OSV
added 2026/03/04 3:8 p.m.6 views

CVE-2025-62879 Rancher Backup Operator pod's logs leak S3 tokens

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens both accessKey and secretKey into the rancher-backup-operator pod's logs...

6.8CVSS7AI score0.0034EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/04 3:8 p.m.41 views

CVE-2025-62879 Rancher Backup Operator pod's logs leak S3 tokens

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens both accessKey and secretKey into the rancher-backup-operator pod's logs...

6.8CVSS0.0034EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 4:44 p.m.3 views

GHSA-WJ3P-5H3X-C74Q Rancher Backup Operator pod's logs leak S3 tokens

Impact A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens both accessKey and secretKey into the rancher-backup-operator pod's logs. Specifically, the S3 accessKey and secretKey are exposed in the pod's logs under the following logging lev...

6.8CVSS5.8AI score0.0034EPSS
Exploits0References4
Rows per page
Query Builder