Rclone 访问控制错误漏洞

Rclone is a software developed by the Rclone team that can synchronize data asynchronously from cloud storage. This software supports various cloud storage services such as Google Drive, Amazon Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Cloudfiles, Google Cloud Storage, and Yandex...

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. "The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host...

com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak (=24.3.0.0), com.github.wnameless.spring.boot.up:spring-boot-up-keycloak-plugin (=24.3.0.0) +8 more potentially affected by CVE-2025-9162 via org.keycloak:keycloak-model-storage-services (>=24.0.0 <=24.0.5)

org.keycloak:keycloak-model-storage-services MAVEN version =24.0.0, =2.5.6-24.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.0, =24.0.5 Source cves: CVE-2025-9162 Source advisory: OSV:GHSA-8HXP-QMPH-W5GQ...

de.arbeitsagentur.opdt:keycloak-cassandra-model-tests (>=3.0.1-25.0 <=4.0.5-25.0), org.keycloak:keycloak-dependencies-server-all (>=25.0.0 <=25.0.6) +6 more potentially affected by CVE-2025-9162 via org.keycloak:keycloak-model-storage-services (>=25.0.0 <=25.0.6)

org.keycloak:keycloak-model-storage-services MAVEN version =25.0.0, =3.0.1-25.0, =25.0.0, =25.0.0, =25.0.0, =25.0.0, =25.0.0, =25.0.0, =25.0.0, =25.0.6 Source cves: CVE-2025-9162 Source advisory: OSV:GHSA-8HXP-QMPH-W5GQ...

net.optionfactory.keycloak:optionfactory-keycloak-providers (>=8.1 <=8.9), org.keycloak.testframework:keycloak-test-framework-clustering (>=26.3.0 <=26.3.3) +21 more potentially affected by CVE-2025-9162 via org.keycloak:keycloak-model-storage-services (>=26.3.0 <=26.3.3)

org.keycloak:keycloak-model-storage-services MAVEN version =26.3.0, =8.1, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.3 and more Source cves: CVE-2025-...

EUVD-2020-2253

Malware in sbrugna...

EUVD-2018-1760

Malware in sbrugna...

EUVD-2020-2354

Malware in sbrugna...

EUVD-2018-1631

Malware in sbrugna...

EUVD-2020-12223

Malware in sbrugna...

EUVD-2020-12433

Malware in sbrugna...

CVE-2020-1347

An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka 'Windows Storage Services Elevation of Privilege Vulnerability'...

CVE-2020-13268

A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1...

Microsoft Windows Storage Services 后置链接漏洞

Microsoft Windows Storage Services is a storage service from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Windows Storage Services. An attacker could exploit this vulnerability to elevate privileges. The following products and editions are affected:Windows 10 Version 18...

Virtuozzo Hybrid Infrastructure 6.2 Update 1 Hotfix 3 (6.2.1-68)

This update provides stability fixes. Vulnerability id: VSTOR-94508 In the admin panel, LUNs are not displayed for a new target group. Vulnerability id: VSTOR-94519 When a VM is shelved by a host evacuation task, its attached PCI devices are not released. Vulnerability id: VSTOR-94551 Failed to...

Virtuozzo Hybrid Infrastructure 6.1 Update 1 Hotfix 8 (6.1.1-61)

This update provides stability fixes. Vulnerability id: VSTOR-90793 Volume resize fails when the Nova API is not upgraded. Vulnerability id: VSTOR-94387 A stability fix for the S3 service. Vulnerability id: VSTOR-94519 When a VM is shelved by a host evacuation task, its attached PCI devices are n...

Microsoft Windows Storage Services 后置链接漏洞

Microsoft Windows Storage Services is a storage service from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Windows Storage Services. An attacker could exploit this vulnerability to elevate privileges. The following products and editions are affected:Windows 10 Version 18...

PT-2024-6273 · Microsoft · Windows Storage +1

Name of the Vulnerable Software and Affected Versions: Windows Storage affected versions not specified Description: The issue is related to the use of memory after it has been freed in the Windows Storage Services, which can allow an attacker to elevate their privileges. This is an...

PT-2024-3027 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in Windows Storage Services, which is caused by insecure privilege management. This vulnerability can be exploited by an...

Virtuozzo Hybrid Infrastructure 5.3 Update 1 Hotfix 2 (5.3.1-47)

This update provides stability fixes for the compute, object storage, and core storage services. Vulnerability id: VSTOR-65934 After an update from 5.2.x to 5.3.x, the object storage may not be started due to an invalid configuration file. Vulnerability id: VSTOR-63084 Unable to manage a virtual...