Lucene search
K

44 matches found

RustSec
RustSec
added 2024/07/23 12:0 p.m.5 views

Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files

Exposure of temporary credentials in logs in Apache Arrow Rust Object Store, version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity. This allows someone with access to the logs t...

7.5CVSS7.3AI score0.0071EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/01/03 12:0 a.m.6 views

Spinnaker 日志信息泄露漏洞

Spinnaker is a continuous delivery platform. It is used to release software changes with high speed and confidence. A log information disclosure vulnerability exists in Spinnaker versions prior to 1.29.2, prior to 1.28.4, and prior to 1.27.3, which stems from not preserving a masked secret...

7.5CVSS7.2AI score0.00541EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2020/09/09 8:23 a.m.9 views

Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor

A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2014/09/17 6:9 a.m.14 views

Malicious Kindle Ebook Let Hackers Take Over Your Amazon Account

If you came across a Kindle e-book download link from any suspicious sources or somewhere other than Amazon itself, check twice before you proceed download. As downloading an eBook could put your personal information at risk. A security researcher has uncovered a security hole in Amazon's Kindle...

5.7AI score
Exploits0
Rows per page
Query Builder