SQL Injection vulnerability in crmeb_java before v1.3.4 allows attackers to run arbitrary SQL commands via crafted GET request to the component...Read More ...
Continue Reading01 марта, 2024
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Us ...
Continue Reading01 марта, 2024
apache-superset is vulnerable for Improper Neutralization. The vulnerability is caused by a guest user sending syntactically incorrect SQL statements to the chart data rest api. When the API returns a ...
Continue Reading01 марта, 2024
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the ...
Continue Reading01 марта, 2024
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Us ...
Continue Reading01 марта, 2024
A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: befor ...
Continue Reading29 февраля, 2024
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is appli ...
Continue Reading29 февраля, 2024
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordf ...
Continue Reading29 февраля, 2024
Back to Main