15 matches found
ROOT-APP-PYPI-CVE-2023-34395 CVE-2023-34395 in rootio-apache-airflow-providers-odbc - Patched by Root
Root has patched CVE-2023-34395 in the rootio-apache-airflow-providers-odbc package for Root:PyPI. Multiple fixed versions available...
CVE-2026-34395
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/YPTWallet/view/users.json.php endpoint returns all platform users with their personal information and wallet balances to any authenticated user. The endpoint checks User::isLogged but does not check User::isAdmin...
CVE-2026-34395 AVideo: Mass User PII Disclosure via Missing Authorization in YPTWallet users.json.php
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/YPTWallet/view/users.json.php endpoint returns all platform users with their personal information and wallet balances to any authenticated user. The endpoint checks User::isLogged but does not check User::isAdmin...
CVE-2026-34395 AVideo: Mass User PII Disclosure via Missing Authorization in YPTWallet users.json.php
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/YPTWallet/view/users.json.php endpoint returns all platform users with their personal information and wallet balances to any authenticated user. The endpoint checks User::isLogged but does not check User::isAdmin...
CVE-2025-34395
creationtimestamp| type| source ---|---|--- 2025-12-10 15:52:06+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115696069836441774 2025-12-10 17:11:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7nkj2f4rx2c...
CVE-2023-34395
creationtimestamp| type| source ---|---|--- 2023-06-27 16:12:00+00:00| seen| https://t.me/cibsecurity/65569...
CVE-2023-34395 Apache Airflow ODBC Provider: Remote code execution vulnerability
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of...
CVE-2023-34395 Apache Airflow ODBC Provider: Remote code execution vulnerability
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Software Foundation Apache Airflow ODBC Provider. In OdbcHook, A privilege escalation vulnerability exists in a system due to controllable ODBC driver parameters that allow the loading of...
CVE-2023-34395
CVE-2023-34395 affects the Apache Airflow ODBC Provider, specifically the OdbcHook component. The vulnerability stems from controllable ODBC driver parameters that allow loading of arbitrary dynamic-link libraries, enabling command execution and a privilege escalation in a local context. The issu...
CVE-2022-34395
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
CVE-2021-34395
creationtimestamp| type| source ---|---|--- 2021-06-23 02:27:33+00:00| seen| https://t.me/cibsecurity/25633...
CVE-2021-34395
Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited information disclosure, a low risk of modifcations to data, and limited denial of service...
CVE-2021-34395
CVE-2021-34395 is a local, access-permission issue in Trusty TLK (NVIDIA TLK kernel) where access to a resource may not be properly restricted for a locally privileged user. The impact described in the sources is limited information disclosure, with a low likelihood of data modification and limit...
CVE-2022-34395
...
CVE-2022-34395
CVE-2022-34395 is rejected and not used as an active vulnerability entry.