CVE-2026-8934

A Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console allows an unauthenticated remote attacker to leak sensitive App Engine request logs from other projects using a specially crafted request. This vulnerability was patched ...

CVE-2026-8934 Cross-Project Information Leakage in Google App Engine UI

A Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console allows an unauthenticated remote attacker to leak sensitive App Engine request logs from other projects using a specially crafted request. This vulnerability was patched ...

CVE-2026-8934

The CVE-2026-8934 describes a Missing Authorization vulnerability in a GraphQL private API operation within Google App Engine Cloud Console, enabling an unauthenticated attacker to leak sensitive App Engine request logs from other projects via a crafted request. Affected component: Google Cloud C...

EUVD-2026-38262

A Missing Authorization vulnerability in a GraphQL private API operation of the Google App Engine section of the Cloud Console allows an unauthenticated remote attacker to leak sensitive App Engine request logs from other projects using a specially crafted request. This vulnerability was patched ...

CVE-2026-2331 CVE-2026-2331

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...

EUVD-2011-4154

Malware in sbrugna...

EUVD-2011-1371

Malware in sbrugna...

EUVD-2011-4155

Malware in sbrugna...

EUVD-2011-4153

Malware in sbrugna...

CVE-2024-55585

CVE-2024-55585 affects moPS App up to version 1.8.618. The vulnerability stems from insufficient access control on administrative API endpoints, allowing unauthenticated users to perform read and write actions (example: /api/v1/users/resetpassword). The CVSS shows high impact with confidentialiti...

CVE-2024-55585

In the moPS App through 1.8.618, all users can access administrative API endpoints without additional authentication, resulting in unrestricted read and write access, as demonstrated by /api/v1/users/resetpassword...

Malicious code in google-appengine-ext (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 142a8fbc789954291f2b01aab5ac1d139eaaf4f9f490fd6dcf30da438f7d8e51 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Fedora: Security Advisory for golang-google-appengine (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-google-appengine-1.6.7-6.fc36

This package supports the Go runtime on App Engine standard. It provides APIs for interacting with App Engine services...

[SECURITY] Fedora 35 Update: golang-google-appengine-1.6.7-5.fc35

This package supports the Go runtime on App Engine standard. It provides APIs for interacting with App Engine services...

[SECURITY] Fedora 36 Update: golang-google-appengine-1.6.7-5.fc36

This package supports the Go runtime on App Engine standard. It provides APIs for interacting with App Engine services...

Scalable Fuzzing Infrastructure: ClusterFuzz

ClusterFuzz is a scalable fuzzing infrastructure which finds security and stability issues in software. It is used by Google for fuzzing the Chrome Browser, and serves as the fuzzing backend for OSS-Fuzz . ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software...

Hackers abusing Google App Engine to spread PDF malware

By Waqas The Cobalt Strike advanced persistent threat APT group is using Google App Engine to spread PDF malware against financial firms. The IT security researchers at Netskope have discovered a sophisticated malware campaign in which cybercriminals are abusing Google App Engine GCP, a web...

See how do I find the value of 3 thousand 6 thousand USD Google RCE vulnerability-vulnerability warning-the black bar safety net

! This article tells the story of the Uruguayan public University, 18-year-old student Ezequiel Pereira found Google highest level RCE vulnerability-related process. In the beginning of the year, Ezequiel found Google Google App Engine GAEis a non-production environment of a vulnerability, exploi...

appengine.google.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-617281 Description| Value ---|--- Affected Website:| appengine.google.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...