Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2026/05/11 7:16 p.m.10 views

CVE-2026-42864

FireFighter is an incident management application. Prior to 0.0.54, the POST /api/v2/firefighter/raid/jirabot endpoint CreateJiraBotView is reachable without authentication permissionclasses = permissions.AllowAny. Its attachments payload is fetched server-side via httpx.get with no URL validatio...

9.9CVSS0.00272EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2023/02/15 5:43 a.m.1 views

SUSE CVE-2012-5483

tools/sampledata.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud Amazon EC2 is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this...

2.1CVSS6.2AI score0.00341EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2022/04/22 12:24 a.m.30 views

OpenStack Nova Exposure of Sensitive Information to an Unauthorized Actor

OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...

5.9CVSS6.5AI score0.01446EPSS
Exploits1References9Affected Software1
OSV
OSVadded 2019/11/26 4:15 a.m.2 views

DEBIAN-CVE-2011-4076

OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...

5.9CVSS5.9AI score0.01446EPSS
Exploits1References1
OSV
OSVadded 2019/11/26 4:15 a.m.8 views

CVE-2011-4076

OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...

5.9CVSS5.5AI score0.01446EPSS
Exploits1References13
Debian CVE
Debian CVEadded 2019/11/26 3:53 a.m.25 views

CVE-2011-4076

OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...

5.9CVSS5.5AI score0.01446EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2011/10/26 12:0 a.m.21 views

Ubuntu 11.10 : nova vulnerability (USN-1247-1)

An information leak was discovered in Nova. An attacker with access to a valid EC2ACCESSKEY could obtain the corresponding EC2SECRETKEY for that user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted...

5.5AI score
Exploits0References1
Rows per page
Query Builder