CVE-2024-41937 : APACHE AIRFLOW UP TO 2.9.X CROSS SITE SCRIPTING
Description Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a
Description CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues
Description The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may
Description Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and all previous versions may allow attackers to execute arbitrary
Description Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation vulnerability in the installer. A local
Description Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in
Description Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with
Description Prior to 3385, the user-controlled role parameter enters the application in the Kubernetes::RoleVerificationsController. The role parameter flows into the
Description An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an attacker to update the title, assignees, and
Description An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate
Description LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. A
Description MEGABOT is a fully customized Discord bot for learning and fun. The `/math` command and functionality of MEGABOT versions
Description In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the
Description In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for
Description There is a LOW severity vulnerability affecting CPython, specifically the ‘http.cookies’ standard library module. When parsing cookies that contained
Description XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is
Description A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a
Description Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic
Description TruffleHog is a secrets scanning tool. Prior to v3.81.9, this vulnerability allows a malicious actor to craft data in
Description A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,
Description A vulnerability was found in itsourcecode Billing System 1.0. It has been rated as critical. This issue affects some
Description In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid memory access while processing fragmented
Description Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795.
Description The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. An arbitrary file upload