Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-3402

Malware in sbrugna...

9.3CVSS8.5AI score0.00133EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-9731

Malicious code in bioql PyPI...

8.7CVSS7.4AI score0.01389EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-29625

Malicious code in bioql PyPI...

9CVSS8.6AI score0.00186EPSS
Exploits1References3
Veracode
Veracodeadded 2025/04/14 10:49 a.m.177 views

Improper Verification Of Cryptographic Signature

github.com/minio/minio is vulnerable to authorization bypass. The vulnerability is due to improper signature verification due to the ability to use arbitrary secrets to upload objects if the attacker has prior WRITE permissions and access to the access key and bucket name...

8.7CVSS6.5AI score0.01389EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blogadded 2025/03/03 7:56 p.m.16 views

MinIO allows an SFTP authentication bypass due to improperly trusted SSH key

Summary A bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. Details On a MinIO server with SFTP access configured and using LDAP as an external identity provider, MinIO supports SSH key based authentication fo...

8.2CVSS7.3AI score0.00384EPSS
Exploits0References5Affected Software1
NVD
NVDadded 2025/02/28 9:15 p.m.5 views

CVE-2025-27414

MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to RELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP...

8.2CVSS0.00384EPSS
Exploits0References3
OSV
OSVadded 2023/09/06 6:43 p.m.20 views

GHSA-W23Q-4HW3-2PP6 Minio vulnerable to Privilege Escalation on Windows via Path separator manipulation

Impact All users on Windows are impacted. MinIO fails to filter the \ character, which allows for arbitrary object placement across buckets. As a result, a user with low privileges, such as an access key, service account, or STS credential, which only has permission to PutObject in a specific...

8.8CVSS8.5AI score0.00639EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2022/08/01 12:0 a.m.8 views

CVE-2022-35919 Authenticated requests for server update admin API allows path traversal in minio

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...

7.4CVSS7.6AI score0.13567EPSS
Exploits4References4
Vulnrichment
Vulnrichmentadded 2022/04/12 5:20 p.m.6 views

CVE-2022-24842 Improper Privilege Management in MinIO

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. A security issue was found where an non-admin user is able to create service accounts for root or other admin users and then is able to assume their access policies via the generated credentials. Thi...

8.8CVSS8.8AI score0.00186EPSS
Exploits1References3
Rows per page
Query Builder