Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-2627

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00489EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.4 views

CVE-2024-45043

The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...

5.3CVSS7AI score0.00489EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/09/05 12:0 a.m.10 views

OpenTelemetry Collector < 0.108.0 Authentication Bypass

The OpenTelemetry Collector running on the remote host is prior to 0.108.0. It is, therefore, affected by a timing discrepancy vulnerability, outlined below: OpenTelemetry Collector module awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...

5.3CVSS5.7AI score0.00489EPSS
Exploits0References2
OSV
OSV
added 2024/08/30 5:18 p.m.9 views

GO-2024-3102 OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver

OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability in github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver...

5.3CVSS5.2AI score0.00489EPSS
Exploits0References11
Veracode
Veracode
added 2024/08/29 7:44 p.m.12 views

Authentication Bypass

github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver is vulnerable to unauthorized remote access. The vulnerability is due to improper enforcement of key requirements in the awsfirehosereceiver module, allowing unauthenticated requests even when a key is configur...

5.3CVSS6.8AI score0.00489EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2024/08/29 5:56 p.m.7 views

GHSA-PRF6-XJXH-P698 OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability

Summary OpenTelemetry Collector module awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key. OpenTelemetry Collector can be configured to receive CloudWatch metrics via an AWS Firehose Stream. Firehose sets the header X-Amz-Firehose-Access-Key with an...

6.9CVSS5.2AI score0.00489EPSS
Exploits0References13
NVD
NVD
added 2024/08/28 8:15 p.m.18 views

CVE-2024-45043

The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...

5.3CVSS0.00489EPSS
Exploits0References9
CVE
CVE
added 2024/08/28 8:6 p.m.57 views

CVE-2024-45043

CVE-2024-45043 – OpenTelemetry Collector AWS Firehose Receiver Authentication Bypass Affected component: OpenTelemetry Collector Contrib awsfirehosereceiver (alpha module). Issue: when configured to require an access key (X-Amz-Firehose-Access-Key), the receiver still accepts requests with no key...

5.3CVSS5.3AI score0.00489EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/08/28 8:6 p.m.20 views

CVE-2024-45043 OpenTelemetry Collector AWS Firehose Receiver Authentication Bypass Vulnerability

The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...

5.3CVSS0.00489EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/08/28 8:6 p.m.24 views

CVE-2024-45043 OpenTelemetry Collector AWS Firehose Receiver Authentication Bypass Vulnerability

The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...

5.3CVSS7.1AI score0.00489EPSS
Exploits0References9
OSV
OSV
added 2024/08/28 8:6 p.m.5 views

CVE-2024-45043 OpenTelemetry Collector AWS Firehose Receiver Authentication Bypass Vulnerability

The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...

5.3CVSS6.8AI score0.00489EPSS
Exploits0References11
NVD
NVD
added 2023/09/22 6:15 a.m.16 views

CVE-2023-43784

Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...

7.5CVSS7.6AI score0.00473EPSS
Exploits0References2
Prion
Prion
added 2023/09/22 6:15 a.m.27 views

Code injection

DISPUTED Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...

5CVSS7.5AI score0.00473EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/22 12:0 a.m.8 views

CVE-2023-43784

Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...

7AI score0.00473EPSS
Exploits0References2
Rows per page
Query Builder