Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/14 2:39 p.m.10 views

CVE-2026-44308

Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pplications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did n...

6.3CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2026/05/08 9:12 p.m.3 views

CVE-2026-42193 Plunk: SNS webhook forgery

Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, the /webhooks/sns endpoint accepts Amazon SNS notification payloads from unauthenticated requests without verifying the SNS signature, certificate, or topic ARN, meaning anyone can forge a valid-looking webhoo...

9.1CVSS5.9AI score0.00127EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7651

Name of the Vulnerable Software and Affected Versions Statping-ng version 0.91.0 Description An issue allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazon sns, and export API endpoints. Recommendations Apply updates to address the issu...

7.5CVSS5.4AI score0.00494EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.7 views

PT-2019-11353 · Jenkins · Jenkins Amazon Sns Build Notifier Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Amazon SNS Build Notifier Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specificall...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References7
Rows per page
Query Builder