EUVD-2023-1893

Malicious code in bioql PyPI...

EUVD-2023-1718

Malicious code in bioql PyPI...

CVE-2023-36815

Sealos is a Cloud Operating System designed for managing cloud-native applications. In version 4.2.0 and prior, there is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account sealos. io/v1/Payment, resulting in the ability to recharge any amou...

My Cloud Multiple Products Code Issue Vulnerability

Western Digital My Cloud and others are products of Western Digital, Inc.Western Digital My Cloud is a personal cloud storage device.Western Digital My Cloud Home is an easy-to-use personal cloud storage device.Western Digital My Cloud Home Duo is an easy-to-use personal cloud storage...

CVE-2023-36815

Sealos is a Cloud Operating System designed for managing cloud-native applications. In version 4.2.0 and prior, there is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account sealos. io/v1/Payment, resulting in the ability to recharge any amou...

Code injection

Sealos is a Cloud Operating System designed for managing cloud-native applications. In version 4.2.0 and prior, there is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account sealos. io/v1/Payment, resulting in the ability to recharge any amou...

CVE-2023-36815 Sealos billing system permission control defect

Sealos is a Cloud Operating System designed for managing cloud-native applications. In version 4.2.0 and prior, there is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account sealos. io/v1/Payment, resulting in the ability to recharge any amou...

CVE-2023-36815

Sealos (Cloud Operating System) up to version 4.2.0 contains a permission flaw in the billing system that lets a user control the recharge resource account sealos.io/v1/Payment, enabling recharging any amount (1 RMB) and potentially exposing resource information. The vulnerability arises from imp...

CVE-2023-36815 Sealos billing system permission control defect

Sealos is a Cloud Operating System designed for managing cloud-native applications. In version 4.2.0 and prior, there is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account sealos. io/v1/Payment, resulting in the ability to recharge any amou...

Sealos 安全漏洞

Sealos is a cloud operating system designed for managing cloud-native applications. A security vulnerability exists in Sealos 4.2.0 and prior versions that stems from a privilege flaw where the billing interface can expose resource information...

CVE-2023-33190

CVE-2023-33190 affects Sealos, an open source cloud operating system for Kubernetes. The issue is an improper RBAC permissions configuration in Sealos versions prior to 4.2.1-rc4, enabling an attacker to obtain cluster control permissions and potentially manage the entire cluster, including pods ...

Huawei FusionSphere Command Injection Vulnerability

Huawei FusionSphere, a product of Huawei, is a cloud operating system product developed based on the OpenStack framework. Huawei FusionSphere suffers from a command injection vulnerability because the program fails to adequately validate device input. An authenticated remote attacker can exploit...

Huawei FusionSphere 'Xenstore' Information Disclosure Vulnerability

Huawei FusionSphere is Huawei's proprietary intellectual property cloud operating system that combines virtualization platform and cloud management features to make cloud computing platform construction and use simpler, and is designed to meet the cloud computing needs of enterprise and carrier...