2 matches found
CVE-2024-37865
CVE-2024-37865 affects S3Browser versions 10.9.9 through 11.4.5. The issue enables a remote attacker to obtain sensitive information via the S3-compatible storage component. Fixed in version 11.5.7. Supported sources from Red Hat/NVD indicate the same affected ranges and the designated fix versio...
CVE-2018-20298
CVE-2018-20298 concerns S3 Browser prior to 8.1.5 with an XML external entity (XXE) vulnerability in the S3 protocol. An attacker can lure a user to connect to a malicious server, causing the application to read local files and reveal NTLMv2 hashes via XML-based responses. Multiple connected sour...