Lucene search
K

33 matches found

Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.6 views

PT-2026-23524

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.1.14-1 through 2026.2.11 Description The software contains an improper network binding issue in the Chrome extension relay server. The server incorrectly handles wildcard hosts, treating them as loopback addresses. This...

9.1CVSS5.8AI score0.00396EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24858

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00229EPSS
Exploits0References4
Veracode
Veracode
added 2025/09/04 9:13 a.m.4 views

Improper Access Control

github.com/aws/amazon-ecs-agent is vulnerable to improper access control. The vulnerability is due to the introspection server being accessible off-host under certain security group configurations, which allows an attacker from another instance to gain unauthorized access to the server...

5.3CVSS6.8AI score0.00229EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2025/08/20 11:33 p.m.3 views

SUSE CVE-2025-9039

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

5.3CVSS7.2AI score0.00229EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/16 5:26 p.m.5 views

CVE-2025-9039

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

5.3CVSS7.5AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 6:30 p.m.27 views

GHSA-WM7X-WW72-R77Q Information Disclosure in Amazon ECS Container Agent

Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. Amazon ECS container agent provides an introspection API that provides information about the overall state of the...

5.3CVSS7AI score0.00229EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/08/14 6:30 p.m.14 views

Information Disclosure in Amazon ECS Container Agent

Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. Amazon ECS container agent provides an introspection API that provides information about the overall state of the...

5.3CVSS7AI score0.00229EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/08/14 5:15 p.m.7 views

CVE-2025-9039

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

5.3CVSS0.00229EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/14 4:15 p.m.10 views

CVE-2025-9039 Information Disclosure in Amazon ECS Container Agent

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

5.3CVSS0.00229EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/14 4:15 p.m.2 views

CVE-2025-9039 Information Disclosure in Amazon ECS Container Agent

We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is...

5.3CVSS7.4AI score0.00229EPSS
Exploits0References3
CVE
CVE
added 2025/08/14 4:15 p.m.22 views

CVE-2025-9039

This CVE affects the Amazon ECS container agent: versions 0.0.3 through 1.97.0 allow an introspection server to be accessed off-host between instances in the same security group or when security groups permit inbound connections to the introspection port 51678. The issue is addressed in ECS agent...

5.3CVSS7.4AI score0.00229EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.5 views

PT-2025-33310

Name of the Vulnerable Software and Affected Versions: Amazon ECS agent versions 0.0.3 through 1.97.0 Description: An issue was identified in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the sa...

5.3CVSS6.3AI score0.00229EPSS
Exploits0References12
Veeam
Veeam
added 2020/04/06 12:0 a.m.26 views

Preferred Network Rule for Hyper-V Host Not Using IP Specified

Challenge Backup network traffic does not use the NICs associated with IPs configured within the preferred network rules for a Microsoft Hyper-V Host. Cause This can occur because, by default, Veeam Backup & Replication stores only the IP addresses for Hyper-V hosts that DNS provides. Solution To...

5.8AI score
Exploits0Affected Software1
Rows per page
Query Builder