Lucene search

8 matches found

EUVD
added 2026/04/01 9:44 p.m. | 1 view

EUVD-2026-18019

Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints...

CVSS 6.5 | AI score 5.9 | EPSS 0.00024
Exploits 0 | References 2

ATTACKERKB
added 2026/04/01 7:51 p.m. | 2 views

CVE-2026-34750

Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...

CVSS 6.5 | AI score 5.8 | EPSS 0.00024
Exploits 0 | References 2 | Affected Software 1

Snyk
added 2026/03/11 10:40 p.m. | 3 views

Incorrect Authorization

Overview @studiocms/s3-storage is an Add S3 Storage Support into your StudioCMS project. Affected versions of this package are vulnerable to Incorrect Authorization via the S3ApiService POST/PUT handlers in the S3 storage manager. An attacker can gain full S3 file management upload, delete, renam...

CVSS 7.6 | AI score 5.8 | EPSS 0.00053
Exploits 1 | References 2

Tenable Nessus
added 2025/08/13 12:0 a.m. | 2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : eclipse-jgit (SUSE-SU-2025:02762-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02762-1 advisory. - CVE-2025-4949: Fixed the XXE vulnerability in ManifestParser and AmazonS3 class bsc1243647. Tenable ha...

CVSS 6.8 | AI score 6.5 | EPSS 0.00197
Exploits 1 | References 4

OSV
added 2022/12/27 10:15 p.m. | 1 view

DEBIAN-CVE-2022-2582

The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it...

CVSS 4.3 | AI score 4.9 | EPSS 0.00084
Exploits 1 | References 1

CNNVD
added 2022/04/06 12:0 a.m. | 1 view

HTCondor Log Information Disclosure Vulnerability

HTCondor is a workload management system at the University of Wisconsin-Madison USA. The system provides job queuing mechanisms, scheduling policies, prioritization schemes, resource monitoring and resource management. A security vulnerability exists in HTCondor versions 9.0.x through 9.0.10 and...

CVSS 8.1 | AI score 7.6 | EPSS 0.00282
Exploits 0 | References 4

RedHat Linux
added 2020/04/22 2:10 p.m. | 2 views

Ansible: modules which use files encrypted with vault are not properly cleaned up

A flaw was found on Ansible Engine when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the secrets unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root...

CVSS 5.5 | AI score 7.1 | EPSS 0.00205
Exploits 0 | References 4

CNVD
added 2015/07/12 12:0 a.m. | 2 views

WordPress S3Bubble Amazon S3 Video And Audio Streaming With Analytics Plugin Arbitrary File Download Vulnerability

WordPress is a blogging platform developed using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL. S3Bubble Amazon S3 Video And Audio Streaming With Analytics is a plugin for getting secure streaming from Amazon S3 to the WordPress website in a plugin...

AI score 7
Exploits 0 | References 1