CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

NVD•added 2026/05/28 10:16 a.m.•12 views

CVE-2026-47074

Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...

8.7CVSS0.00044EPSS

Exploits0References4

Github Security Blog•added 2026/05/07 12:6 a.m.•8 views

Spring Cloud AWS missing SNS message signature verification allows spoofing of HTTP/HTTPS endpoint notifications

Impact Applications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did not verify the signature of incoming SNS messages. An unauthenticated attacker who knows the endpoint URL could...

6.3CVSS6AI score0.00108EPSS

Exploits0References5Affected Software1

RedhatCVE•added 2026/02/12 1:3 a.m.•1 views

CVE-2024-26477

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazonsns, export endpoints...

7.5CVSS5.5AI score0.00058EPSS

Exploits1References1

OSV•added 2026/02/11 8:16 p.m.•3 views

CVE-2024-26477

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazonsns, export endpoints...

7.5CVSS5.9AI score0.00058EPSS

Exploits1References4

NVD•added 2026/02/11 8:16 p.m.•3 views

CVE-2024-26477

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazonsns, export endpoints...

7.5CVSS0.00058EPSS

Exploits1References4

CNNVD•added 2026/02/11 12:0 a.m.•2 views

statping-ng 安全漏洞

Statping-ng is an open-source server monitoring software developed by Statping-ng. Version 0.91.0 of Statping-ng contains a security vulnerability. This vulnerability stems from improper handling of specially crafted requests for endpoint API parameters such as oauth, amazonsns, and export, which...

7.5CVSS5.8AI score0.00058EPSS

Exploits1References4

Vulnrichment•added 2026/02/11 12:0 a.m.•1 views

CVE-2024-26477

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazonsns, export endpoints...

5.5AI score0.00058EPSS

Exploits1References4

ATTACKERKB•added 2026/02/11 12:0 a.m.•1 views

CVE-2024-26477

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazonsns, export endpoints...

5.5AI score0.00058EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-3106

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00078EPSS

Exploits0References6

RedhatCVE•added 2025/05/22 10:7 a.m.•2 views

CVE-2019-1003063

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

8.8CVSS6.7AI score0.00078EPSS

Exploits0References1

OSV•added 2024/06/25 1:47 p.m.•5 views

MAL-2024-6550 Malicious code in alerty-plugin-amazon-sns (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0References1

OSSF Malicious Packages•added 2024/06/25 1:47 p.m.•5 views

Malicious code in alerty-plugin-amazon-sns (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0References1

Github Security Blog•added 2022/05/13 1:17 a.m.•9 views

Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text

Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.snsnotify.AmazonSNSNotifier.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.8AI score0.00078EPSS

Exploits0References5Affected Software1

OSV•added 2022/05/13 1:17 a.m.•12 views

GHSA-84P4-7MXC-7PHJ Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text

3.3CVSS8.7AI score0.00078EPSS

Exploits0References5

Prion•added 2019/04/04 4:29 p.m.•5 views

Design/Logic Flaw

4CVSS8.6AI score0.00078EPSS

Exploits0References3

OSV•added 2019/04/04 4:29 p.m.•1 views

CVE-2019-1003063

8.8CVSS6.4AI score0.00078EPSS

Exploits0References3

NVD•added 2019/04/04 4:29 p.m.•6 views

CVE-2019-1003063

8.8CVSS8.7AI score0.00078EPSS

Exploits0References3

CVE•added 2019/04/04 3:38 p.m.•43 views

CVE-2019-1003063

CVE-2019-1003063 affects the Jenkins Amazon SNS Build Notifier Plugin. The vulnerability arises because the plugin stores credentials unencrypted in the global configuration file on the Jenkins master, specifically in the org.jenkinsci.plugins.snsnotify.AmazonSNSNotifier.xml, which can be viewed ...

8.8CVSS8.6AI score0.00078EPSS

Exploits0References3Affected Software1

0day.today•added 2016/11/12 12:0 a.m.•29 views

WordPress W3 Total Cache Amazon SNS Push Messages Weak Validation Vulnerability

A vulnerability in the validation of Amazon SNS messages was found in the W3 Total Cache plugin. This issue allows an attacker to perform a variety of actions concerning the server's cache, which may result in a denial of service attack. Version 0.9.4.1 is affected...

6.7AI score

Exploits0

Packet Storm•added 2016/11/11 12:0 a.m.•34 views

WordPress W3 Total Cache Amazon SNS Push Messages Weak Validation

------------------------------------------------------------------------ Weak validation of Amazon SNS push messages in W3 Total Cache WordPress Plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by