Aider 代码问题漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a code vulnerability. This vulnerability stems from the requests.get operation in the apidocs.py file of the AWS EC2 Metadata Endpoint, which leads to server-side request forgeing...

CVE-2022-23511

A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window opens with SYSTEM...

CVE-2025-62375 go-witness Improper Verification of AWS EC2 Identity Documents

go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succeed when a signature is not present or is...

EUVD-2017-8039

Malware in sbrugna...

EUVD-2017-9233

Malware in sbrugna...

EUVD-2021-7539

Malicious code in bioql PyPI...

EUVD-2022-5512

Malicious code in bioql PyPI...

EUVD-2022-4923

Malicious code in bioql PyPI...

EUVD-2022-3396

Malicious code in bioql PyPI...

EUVD-2022-3533

Malicious code in bioql PyPI...

EUVD-2022-5202

Malicious code in bioql PyPI...

EUVD-2022-5524

Malicious code in bioql PyPI...

EUVD-2022-4268

Malicious code in bioql PyPI...

CVE-2021-20077

Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local host during initial linking of the Nessus Agent when installed on an Amazon EC2 instance. This could allow a privileged attacker to obtain the token...

CVE-2020-2185

Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks...

CVE-2020-2186

A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier allows attackers to provision instances...

CVE-2019-10364

Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log...

Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal

Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager SSM Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution. The vulnerability could permit an attacker to create...

CVE-2024-53095

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...

CVE-2024-53095 smb: client: Fix use-after-free of network namespace.

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...