Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-7534

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00074EPSS
Exploits1References5
NVD
NVDadded 2022/12/27 10:15 p.m.8 views

CVE-2022-2582

The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it...

4.3CVSS0.00074EPSS
Exploits1References2
OSV
OSVadded 2022/12/27 10:15 p.m.8 views

CVE-2022-2582

The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it...

4.3CVSS4.3AI score
Exploits0References2
Vulnrichment
Vulnrichmentadded 2022/12/27 9:13 p.m.7 views

CVE-2022-2582 Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go

The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is readable to the attacker. AWS now blocks this metadata field, but older SDK versions still send it...

4.5AI score0.00074EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/12/27 12:0 a.m.1 views

AWS SDK for Android 加密问题漏洞

AWS SDK for Android is an AWS SDK for Android open source by AWS Amplify. A security vulnerability exists in AWS SDK for Android that stems from sending an unencrypted hash of plaintext along with ciphertext as a metadata field. If the hash is readable by an attacker, the hash can be used to brut...

4.3CVSS5.1AI score0.00074EPSS
Exploits1References3
Github Security Blog
Github Security Blogadded 2022/02/11 11:26 p.m.47 views

Duplicate Advisory: Unencrypted md5 plaintext hash in metadata in AWS S3 Crypto SDK for golang

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6jvc-q2x7-pchv. This link is maintained to preserve external references. Original Description Summary The golang AWS S3 Crypto SDK was impacted by an issue that can result in loss of confidentiality. An attacker...

5.4AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2022/02/11 12:0 a.m.1 views

PT-2022-17545 · Amazon Web Services · Aws S3 Crypto Sdk

Name of the Vulnerable Software and Affected Versions: AWS S3 Crypto SDK affected versions not specified Description: The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field. This hash can be used to brute force the plaintext, if the hash is...

4.3CVSS4.4AI score0.00074EPSS
Exploits1References17
Rows per page
Query Builder