CVE-2023-1718

Improper file stream access in /desktopapp/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmpurl"...

BIT-MINIO-2021-21362 Bypassing readOnly policy by creating a temporary 'mc share upload' URL

MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-04T00-53-13Z it is possible to bypass a readOnly policy by creating a temporary 'mc share upload' URL. Everyone is impacted who us...

The vulnerability of the `desktop_app/file.ajax.php?action=uploadfile` component in the main module of the Bitrix24 business management service allows a attacker to cause a service failure.

The vulnerability of the desktopapp/file.ajax.php?action=uploadfile component in the main module of the Bitrix24 business management service is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service...

SUSE CVE-2015-5223

OpenStack Object Storage Swift before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container...

CVE-2021-21362

MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-04T00-53-13Z it is possible to bypass a readOnly policy by creating a temporary 'mc share upload' URL. Everyone is impacted who us...

CVE-2021-21362

MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-04T00-53-13Z it is possible to bypass a readOnly policy by creating a temporary 'mc share upload' URL. Everyone is impacted who us...

CVE-2021-21362 Bypassing readOnly policy by creating a temporary 'mc share upload' URL

MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-04T00-53-13Z it is possible to bypass a readOnly policy by creating a temporary 'mc share upload' URL. Everyone is impacted who us...

PT-2021-3472 · Minio +1 · Minio +1

Name of the Vulnerable Software and Affected Versions: MinIO versions prior to RELEASE.2021-03-04T00-53-13Z Description: The issue is related to authorization errors in MinIO, an open-source high performance object storage service compatible with Amazon S3 cloud storage. It allows a remote attack...

Multiple Vulnerabilities in OpenStack Object Storage

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration in collaboration with Rackspace in the U.S. OpenStack Object Storage a.k.a. Swift is one of these programs used to storage project for storing permanent static data. A security...

UBUNTU-CVE-2015-5223

OpenStack Object Storage Swift before 2.4.0 allows attackers to obtain sensitive information via a PUT tempurl and a DLO object manifest that references an object in another container...

Swift: TempURL timing attack

The TempURL middleware in OpenStack Object Storage Swift 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack...