49 matches found
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: chezmoi, zot, kubernetes, istio, grafana, kubescape, gitaly, coredns, kaf, newrelic-fluent-bit-output, prometheus-operator, aws-flb-cloudwatch, aws-flb-firehose, azurefile-csi, external-secrets-operator, telegraf, k8s-device-plugin, argo-cd, libnvidia-container,...
CVE-2023-43784
Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...
CVE-2025-65637 vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, docker-credential-gcr, aws-flb-firehose, gostatsd, kpt, neuvector-dbgen, kube-fluentd-operator, kubeflow, src-fingerprint, go-discover, hello-world-golang, smokescreen, sonobuoy, php-fpmexporter, aws-flb-kinesis, newrelic-nri-statsd,...
GHSA-4F99-4Q7P-P3GH vulnerabilities
Vulnerabilities for packages: aws-flb-cloudwatch, docker-credential-gcr, aws-flb-firehose, gostatsd, kpt, neuvector-dbgen, kube-fluentd-operator, kubeflow, src-fingerprint, go-discover, hello-world-golang, smokescreen, sonobuoy, php-fpmexporter, aws-flb-kinesis, newrelic-nri-statsd,...
CVE-2025-65637 vulnerabilities
Vulnerabilities for packages: newrelic-nri-statsd, sonobuoy-fips, gostatsd, src-fingerprint-fips, consul-fips, php-fpmexporter, prometheus-beat-exporter-fips, falcoctl-fips, aws-flb-cloudwatch-fips, src-fingerprint, hello-world-golang, terraform-provider-google-fips, aws-flb-kinesis-fips,...
GHSA-4F99-4Q7P-P3GH vulnerabilities
Vulnerabilities for packages: newrelic-nri-statsd, sonobuoy-fips, gostatsd, src-fingerprint-fips, consul-fips, php-fpmexporter, prometheus-beat-exporter-fips, falcoctl-fips, aws-flb-cloudwatch-fips, src-fingerprint, hello-world-golang, terraform-provider-google-fips, aws-flb-kinesis-fips,...
EUVD-2024-2627
Malicious code in bioql PyPI...
EUVD-2024-30761
Malicious code in bioql PyPI...
CVE-2025-59402
Flock Safety Bravo Edge AI Compute Device BRAVO00.00local20241017 accepts the default Thundercomm TurboX 6490 Firehose loader in EDL/QDL mode. This enables attackers with physical access to flash arbitrary firmware, dump partitions, and bypass bootloader and OS security controls...
Flock Safety The Bravo Compute Box 安全漏洞
Flock Safety The Bravo Compute Box is an edge computing device from Flock Safety USA. A security vulnerability exists in Flock Safety The Bravo Compute Box BRAVO00.00local20241017 version, which stems from the acceptance of the default Thundercomm TurboX 6490 Firehose loader, which could lead to ...
CVE-2025-59402
Flock Safety Bravo Edge AI Compute Device BRAVO00.00local20241017 accepts the default Thundercomm TurboX 6490 Firehose loader in EDL/QDL mode. This enables attackers with physical access to flash arbitrary firmware, dump partitions, and bypass bootloader and OS security controls...
PT-2025-39453
Name of the Vulnerable Software and Affected Versions Flock Safety Bravo Edge AI Compute Device version BRAVO 00.00 local 20241017 Description The Flock Safety Bravo Edge AI Compute Device allows attackers with physical access to flash arbitrary firmware, dump partitions, and bypass bootloader an...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: skopeo-fips, amazon-ssm-agent-fips, rke2-cloud-provider-fips, karma, falcoctl, descheduler-fips, k9s, sops-fips, rclone, git-lfs-fips, buildkitd, glow, vgpu-util, falco-exporter-fips, nvidia-nsight-compute-13.0, promxy-fips, s5cmd, flyte, vt-cli, hugo-extended,...
CVE-2024-45043
The OpenTelemetry Collector module AWS firehose receiver is for ingesting AWS Kinesis Data Firehose delivery stream messages and parsing the records received based on the configured record type. awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...
CVE-2024-33016
memory corruption when an invalid firehose patch command is invoked...
Malicious code in firehose-poc-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf904e76972bcc2c5a275af86c2f0562ac2be401605c8b36b8e3c886a5a985ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1123 Malicious code in firehose-poc-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf904e76972bcc2c5a275af86c2f0562ac2be401605c8b36b8e3c886a5a985ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
U.S. Dept Of Defense: Secret Access Key of AWS Firehose Disclosure
The domain had an endpoint that contained the secret access key of an AWS Firehose delivery stream encoded in base64. The secret access key was disclosed, allowing the record to be put into the Firehose delivery stream...
OpenTelemetry Collector < 0.108.0 Authentication Bypass
The OpenTelemetry Collector running on the remote host is prior to 0.108.0. It is, therefore, affected by a timing discrepancy vulnerability, outlined below: OpenTelemetry Collector module awsfirehosereceiver allows unauthenticated remote requests, even when configured to require a key...
CVE-2024-33016
memory corruption when an invalid firehose patch command is invoked...