16 matches found
EUVD-2024-17416
Malicious code in bioql PyPI...
Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2025-1208)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: An unclaimed Amazon S3 bucket vulnerability (CVE-2024-1682)affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.
Summary Potential unclaimed Amazon S3 bucket vulnerability CVE-2024-1682 has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability have been addressed. Refer to details for...
PT-2025-6081 · Unknown · Wandb/Openui
Name of the Vulnerable Software and Affected Versions: wandb/openui version c945bb859979659add5f490a874140ad17c56a5d Description: The issue concerns unauthenticated endpoints that allow file uploads and downloads from an AWS S3 bucket, potentially leading to denial of service, stored XSS, and...
EulerOS 2.0 SP11 : python-requests (EulerOS-SA-2025-1165)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...
EulerOS 2.0 SP12 : python-requests (EulerOS-SA-2025-1181)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...
EulerOS 2.0 SP11 : python-requests (EulerOS-SA-2025-1146)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...
Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2025-1061)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : python-requests (EulerOS-SA-2025-1029)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...
EulerOS 2.0 SP10 : python-requests (EulerOS-SA-2025-1012)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...
4.8 million healthcare records left freely accessible
Your main business is healthcare, so your excuse when you get hacked is that you didn’t have the budget to secure your network. Am I right? So, in order to prevent a ransomware gang from infiltrating your network, you could just give them what they want—all your data. The seemingly preferred meth...
CVE-2024-1682 Unclaimed S3 Bucket Reference in psf/requests Documentation
An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of...
PT-2024-5257 · Amazon · Aws S3
Name of the Vulnerable Software and Affected Versions: Open edX Platform versions master, palm, olive, nutmeg, maple, lilac, koa, or juniper Description: The issue is related to inadequate access control in the Open edX Platform, specifically with the AWS S3 Bucket Handler component. This may all...
TomTom: Listing of Amazon S3 Bucket accessible to any amazon authenticated user (vector-maps-e457472599)
Summary: It's possible to get a listing of every files in the S3 bucket vector-maps-e457472599 Description: The problem is using the AWS command line, it's possible to get a listing of files in the Amazon S3 Bucket with an AWS authentication. See screenshot vector-maps-e457472599publics3bucket.pn...
Walmart Jewelry Partner Exposes Personal Data Of 1.3M Customers
A misconfigured Amazon S3 Simple Storage Service bucket, managed by a Walmart jewelry partner, left personal details and contact information of 1.3 million customers exposed to the public internet. The S3 repository containing a MSSQL database backup belongs to MBM Company, a Chicago, Ill.-based...
subjack - Hostile Subdomain Takeover tool written in Go
subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule...