The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0732-1 advisory. A vulnerability in the privateD ...
Continue Reading
March 01, 2024
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the ...
Continue Reading
March 01, 2024
SQL Injection vulnerability in crmeb_java before v1.3.4 allows attackers to run arbitrary SQL commands via crafted GET request to the component...Read More ...
Continue Reading
March 01, 2024
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Us ...
Continue Reading
March 01, 2024
apache-superset is vulnerable for Improper Neutralization. The vulnerability is caused by a guest user sending syntactically incorrect SQL statements to the chart data rest api. When the API returns a ...
Continue Reading
March 01, 2024
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the ...
Continue Reading
March 01, 2024
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Us ...
Continue Reading
March 01, 2024
A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: befor ...
Continue Reading
February 29, 2024
Back to Main
