60 matches found

Chainguard
added 2026/06/23 8:16 a.m. | 7 views

CVE-2026-41178 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-node-driver-registrar, crossplane-provider-azure-powerbidedicated, grafana, tekton-chains, terraform-provider-grafana, scorecard, buildah-fips, crossplane-provider-azure-servicebus, tkn, cloud-provider-azure, neuvector-scanner, authentik-fips, cri-tool...

CVSS 5.3 | AI score 5.8 | EPSS 0.00237
Exploits: 0

RedhatCVE
added 2026/01/07 9:17 a.m. | 10 views

CVE-2025-1969

Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process...

CVSS 5.3 | AI score 7 | EPSS 0.00301
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 10 views

EUVD-2021-1705

Malware in sbrugna...

CVSS 8.2 | AI score 7.8 | EPSS 0.01461
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2019-2220

Malware in sbrugna...

CVSS 9 | AI score 7 | EPSS 0.01289
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:07 p.m. | 5 views

EUVD-2025-7453

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.6 | EPSS 0.00301
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:07 p.m. | 5 views

EUVD-2022-6388

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.3 | EPSS 0.0084
Exploits: 0 | References: 8

EUVD
added 2025/10/03 8:07 p.m. | 16 views

EUVD-2025-19636

Malicious code in bioql PyPI...

CVSS 5.7 | AI score 6.6 | EPSS 0.00134
Exploits: 0 | References: 3

Vulnrichment
added 2025/07/01 2:49 p.m. | 4 views

CVE-2025-34062 OneLogin AD Connector API Credential and Signing Key Exposure

An information disclosure vulnerability exists in OneLogin AD Connector versions prior to 6.1.5 via the /api/adc/v4/configuration endpoint. An attacker with access to a valid directorytoken—which may be retrievable from host registry keys or improperly secured logs—can retrieve a plaintext respon...

CVSS 5.7 | AI score 5.9 | EPSS 0.00134
Exploits: 0 | References: 3

The Hacker News
added 2025/05/20 12:42 p.m. | 40 views

AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. "These roles, often...

AI score 7.9
Exploits: 0

Veracode
added 2025/04/03 3:13 a.m. | 11 views

Overly Permissive Authorization

aws-cdk-lib is vulnerable to Overly Permissive Authorization. The vulnerability is due to the CDK Construct Library automatically generating an overly permissive AWS IAM trust policy, which allows any user with unrestricted sts:AssumeRole permissions to assume the role...

AI score 7
Exploits: 0

NVD
added 2025/03/04 7:15 p.m. | 5 views

CVE-2025-1969

Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process...

CVSS 5.3 | EPSS 0.00301
Exploits: 0 | References: 3

CVE
added 2025/03/04 6:49 p.m. | 66 views

CVE-2025-1969

CVE-2025-1969 involves AWS IAM Identity Center’s Temporary Elevated Access Management (TEAM). The issue is improper input validation that lets a user modify a valid request and spoof an approval in TEAM. Affected component: TEAM (Temporary Elevated Access Management) within AWS IAM Identity Cente...

CVSS 5.3 | AI score 4.6 | EPSS 0.00301
Exploits: 0 | References: 3

Cvelist
added 2025/03/04 6:49 p.m. | 13 views

CVE-2025-1969 Request approval spoofing in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center

Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process...

CVSS 5.3 | EPSS 0.00301
Exploits: 0 | References: 3

Vulnrichment
added 2025/03/04 6:49 p.m. | 5 views

CVE-2025-1969 Request approval spoofing in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center

Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process...

CVSS 5.3 | AI score 6.4 | EPSS 0.00301
Exploits: 0 | References: 3

Rhino Security Labs
added 2025/02/11 3:03 p.m. | 7 views

CVE-2025-0693: AWS IAM User Enumeration

The post CVE-2025-0693: AWS IAM User Enumeration appeared first on Rhino Security Labs...

CVSS 6.9 | AI score 7.1 | EPSS 0.00358
Exploits: 0

RedhatCVE
added 2025/02/05 3:30 a.m. | 7 views

CVE-2024-45290

PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XLSX file, PhpSpreadsheet retrieves the image size and type by reading the file contents, if the provided...

CVSS 7.7 | AI score 6.5 | EPSS 0.00579
Exploits: 1 | References: 1

Tenable Nessus
added 2024/12/17 12:00 a.m. | 15 views

SUSE SLES15 / openSUSE 15 Security Update : aws-iam-authenticator (SUSE-SU-2024:4329-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:4329-1 advisory. - CVE-2022-1996: Fixed CORS bypass (bsc#1200528). Tenable has extracted the preceding description block directly from the SUSE...

CVSS 9.3 | AI score 8.3 | EPSS 0.02737
Exploits: 1 | References: 4

SUSE Linux
added 2024/12/16 1:16 p.m. | 4 views

Security update for aws-iam-authenticator

This update for aws-iam-authenticator fixes the following issues: CVE-2022-1996: Fixed CORS bypass (bsc#1200528). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for...

CVSS 9.1 | AI score 10 | EPSS 0.02737
Exploits: 1 | References: 4

OSV
added 2024/12/16 1:16 p.m. | 19 views

SUSE-SU-2024:4329-1 Security update for aws-iam-authenticator

This update for aws-iam-authenticator fixes the following issues: - CVE-2022-1996: Fixed CORS bypass (bsc#1200528)...

CVSS 9.3 | AI score 10 | EPSS 0.02737
Exploits: 1 | References: 3

Veeam
added 2024/06/06 12:00 a.m. | 25 views

How to Configure EKS Clusters to Use AWS IAM Users/Roles for Veeam Kasten for Kubernetes Access

Purpose Follow this guide to provide appropriate Veeam Kasten for Kubernetes role-based access using AWS IAM users or roles. Solution Description Veeam Kasten for Kubernetes integrates with whatever authentication mechanism customers use to access their Kubernetes clusters. Since EKS natively...

AI score 7
Exploits: 0