
12 matches found

Cvelist
added 2026/06/04 6:17 a.m., 39 views

CVE-2026-49193 Publicly Readable AWS S3 Telemetry Buckets

Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet...

CVSS 8.7, EPSS 0.00245
Exploits: 0, References: 1
Vulnrichment
added 2026/05/04 4:19 p.m., 10 views

CVE-2026-42812 Apache Polaris: No protection on `write.metadata.path`

In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...

CVSS 9.9, AI score 5.8, EPSS 0.00364
Exploits: 0, References: 1
OSV
added 2026/03/03 8:16 p.m., 5 views

CVE-2025-36364

IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...

CVSS 3.3, AI score 5.8, EPSS 0.00108
Exploits: 0, References: 1
Tenable Nessus
added 2025/08/27 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-39900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary...

CVSS 4, AI score 4.8, EPSS 0.00606
Exploits: 0, References: 2
Malwarebytes
added 2025/03/14 3:29 p.m., 14 views

Research on iOS apps shows widespread exposure of secrets

Researchers found that most of the apps available on Apple’s App Store leak at least one hard-coded secret. The researchers looked at 156,000 iOS apps and discovered more than 815,000 hardcoded secrets, including very sensitive secrets like keys to cloud storage, various Application Programming...

AI score 7.3
Exploits: 0
OSV
added 2024/11/07 5:46 p.m., 4 views

CVE-2024-51758 Exported files stored in default (`public`) filesystem if not reconfigured in filament

Filament is a collection of full-stack components for accelerated Laravel development. All Filament features that interact with storage use the `default_filesystem_disk` config option. This allows the user to easily swap their storage driver to something production-ready like s3 when deploying their...

CVSS 2.3, AI score 6.7, EPSS 0.00537
Exploits: 0, References: 4
PyPA
added 2024/10/02 8:15 p.m., 4 views

PYSEC-2024-121

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting s...

CVSS 6.5, AI score 6.8, EPSS 0.00344
Exploits: 1, References: 4, Affected Software: 1
BDU FSTEC
added 2021/04/08 12:0 a.m., 19 views

The vulnerability of the web application of the 1C:Enterprise system, related to the storage and transmission of data in an open manner, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the 1C:Enterprise web application relates to the storage and transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

CVSS 4.9, AI score 5.5
Exploits: 0, Affected Software: 1
CNVD
added 2020/04/08 12:0 a.m., 1 views

xdLocalStorage input validation error vulnerability (CNVD-2020-28469)

xdLocalStorage is a lightweight JavaScript library that supports cross-domain data storage. An input validation error vulnerability exists in xdLocalStorage, which stems from a function that does not perform any validation on the origin of a Web message. An attacker can exploit this vulnerabilit...

CVSS 7.1, AI score 6.6, EPSS 0.01327
Exploits: 1, References: 1
OSV
added 2019/09/05 9:15 p.m., 3 views

CVE-2019-11380

The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage...

CVSS 7.5, AI score 7.1, EPSS 0.01633
Exploits: 0, References: 1
OSV
added 2019/06/06 9:29 p.m., 4 views

CVE-2019-4218

IBM Security Information Queue ISIQ 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 159227...

CVSS 3.3, AI score 5.8
Exploits: 0, References: 2
CNVD
added 2016/03/14 12:0 a.m., 3 views

Android Widevine Trusted Application Information Disclosure Vulnerability

Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA, and the Widevine Trusted Application is one of the components used to validate the Google DRM platform. A security vulnerability exists in Widevine Trusted Application in version 6.0.1 of...

CVSS 5.3, AI score 6.3, EPSS 0.00486
Exploits: 0, References: 1