Lucene search
K

6 matches found

OSV
OSV
added 2026/05/18 2:0 p.m.6 views

CLEANSTART-2026-AH59738 Security fixes for CVE-2026-35469, ghsa-hr2v-4r36-88hr, ghsa-pc3f-x583-g7j2 applied in versions: 26.4.2

Multiple security vulnerabilities affect the linkerd2 package. These issues are resolved in later releases. See references for individual vulnerability details...

8.7CVSS5.8AI score0.00656EPSS
Exploits0References5
OSV
OSV
added 2026/05/18 1:38 p.m.6 views

CLEANSTART-2026-HI64288 Security fixes for CVE-2026-35469, ghsa-hr2v-4r36-88hr, ghsa-pc3f-x583-g7j2 applied in versions: 26.4.2

Multiple security vulnerabilities affect the linkerd2 package. These issues are resolved in later releases. See references for individual vulnerability details...

8.7CVSS5.8AI score0.00656EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/05 10:22 p.m.6 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization n the ServerSecurityUser.getDatabaseUser and ArcadeDBServer.createDatabase processes. An attacker can gain unauthorized access to read, write, and modify schema and data across databases by exploiting improper...

9CVSS5.8AI score0.00344EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 10:22 p.m.9 views

GHSA-FXC7-FM93-6Q77 ArcadeDB vulnerable to cross-database authorization bypass and unsecured newly-created databases

Impact Authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an uninitialized fileAccessMap, which...

9CVSS5.8AI score0.00344EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/05 10:22 p.m.14 views

ArcadeDB vulnerable to cross-database authorization bypass and unsecured newly-created databases

Impact Authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an uninitialized fileAccessMap, which...

9CVSS5.8AI score0.00344EPSS
Exploits0References4Affected Software1
Packet Storm News
Packet Storm News
added 2026/04/30 12:0 a.m.9 views

Apple Security Advisory 04-22-2026-1

Apple Security Advisory 04-22-2026-1 - iOS 26.4.2 and iPadOS 26.4.2 address a logging issue with improved data redaction...

6.2CVSS5.4AI score0.0288EPSS
Exploits0
Rows per page
Query Builder