Lucene search
K

5 matches found

CVE
CVE
added 8 hours ago7 views

CVE-2026-54563

Cloudreve CVE-2026-54563 describes a path traversal / broken access control in the WebDAV interface under /dav. Before version 4.16.1, a WebDAV account rooted at a configured folder could send paths like /dav/%2e%2e/outside.txt because stripPrefix in pkg/webdav/webdav.go joins the decoded request...

7.1CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 2025/12/15 7:45 p.m.25 views

CVE-2025-14503 Overly Permissive Trust Policy in Harmonix on AWS EKS

An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...

8.6CVSS0.00447EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/15 7:45 p.m.2 views

CVE-2025-14503 Overly Permissive Trust Policy in Harmonix on AWS EKS

An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...

8.6CVSS7.1AI score0.00447EPSS
Exploits0References3
Veracode
Veracode
added 2023/06/21 4:1 a.m.21 views

Overly Permissive Trust Policies

aws-cdk is vulnerable to Overly Permissive Trust Policies. The vulnerability exists because the library's CreationRole and the default MastersRole use the account root principal in their trust policy, which allows eks.Cluster and eks.FargateCluster construct clusters to create two roles that have...

8.8CVSS6.8AI score0.00897EPSS
Exploits1References7Affected Software2
OSV
OSV
added 2017/09/13 5:29 p.m.7 views

CVE-2017-14427

D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices have 0666 /var/run/storageaccountroot permissions...

7.8CVSS5.8AI score0.0034EPSS
Exploits1References1
Rows per page
Query Builder