28 matches found
Windows Defender < 4.18.26040.7 DoS (CVE-2026-45498)
The Antimalware Platform version of Microsoft Windows Defender installed on the remote Windows host is prior to 4.18.26040.7. It is, therefore, affected by a denial of service vulnerability: - Microsoft Defender Denial of Service Vulnerability. CVE-2026-45498 Note that Nessus has not tested for...
CVE-2026-45498
Microsoft Defender Denial of Service Vulnerability...
CVE-2026-45498 Microsoft Defender Denial of Service Vulnerability
...
CVE-2026-45498
Microsoft Defender Denial of Service Vulnerability...
CVE-2026-45498
Technical details are not publicly available in the provided documents for CVE-2026-45498; monitor for updates on affected products, impact, and remediation.
CVE-2026-45498
creationtimestamp| type| source ---|---|--- 2026-05-19 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1878 2026-05-20 10:16:09+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-av26-489 2026-05-20 14:10:08+00:00| seen|...
VulnCheck KEV: CVE-2026-45498
Microsoft Defender Denial of Service Vulnerability...
CVE-2023-45498
VinChin Backup & Recovery v5.0., v6.0., v6.7., and v7.0. was discovered to contain a command injection vulnerability...
CVE-2024-45498
Example DAG: exampleinleteventextra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the...
CVE-2022-45498
An issue in the component tpisystoolhandle0 /goform/SysToolReboot of Tenda W6-S v1.0.0.4510 allows unauthenticated attackers to arbitrarily reboot the device...
CVE-2021-45498
NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass...
CVE-2024-45498
creationtimestamp| type| source ---|---|--- 2024-09-07 10:59:08+00:00| seen| https://t.me/cvedetector/5012 2026-05-21 12:25:13+00:00| seen| https://bsky.app/profile/sec-news-bot.bsky.social/post/3mmeg2jl2ef2g...
aglow (>=0.1.0rc3 <=0.1.0rc4), ai-flow (>=0.1.0 <=0.3.1) +114 more potentially affected by CVE-2024-45498 via apache-airflow (>=1.10.1 <=2.0.2)
apache-airflow PYPI version =1.10.1, =0.1.0rc3, =0.1.0, =1.0.7, =0.5.1, =0.1.0, =0.1.1, =0.0.7, =2.4.2, =1.0.1, =0.0.1, =0.1.6, =0.0.2, =1.0.0, =1.2.1, =1.6.2 and more Source cves: CVE-2024-45498 Source advisory: OSV:PYSEC-2024-266...
CVE-2024-45498 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-45498 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2024-45498 Apache Airflow: Command Injection in an example DAG
Example DAG: exampleinleteventextra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the...
Internet Bug Bounty: CVE-2024-45498: Apache Airflow Command injection in read_dataset_event_from_classic DAG
CVE-2024-45498 was a command injection vulnerability in the readdataseteventfromclassic DAG in Apache Airflow version 2.10.0. The vulnerability allowed an attacker with user privileges to inject OS commands into the s3://output/1.txt dataset, which were then executed when the DAG was triggered...
Vinchin Backup And Recovery Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in Vinchin Backup & Recovery v5.0., v6.0., v6.7., and v7.0.. Due to insufficient input validation in the checkIpExists API endpoint, an attacker can execute arbitrary commands as the web server user. This module requires Metasploit...
CVE-2023-45498
creationtimestamp| type| source ---|---|--- 2023-12-20 18:17:22+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vinchinbackuprecoverycmdinject.rb 2023-12-22 19:41:28+00:00| seen| https://t.me/arpsyndicate/2066 2023-12-28 13:03:10+00:00|...
CVE-2023-45498
CVE-2023-45498 affects VinChin Backup & Recovery v5.0., v6.0. , v6.7., and v7.0. due to a command-injection vulnerability from insufficient input validation in the vulnerable API (checkIpExists). This allows remote arbitrary command execution as the web server user, with high impact on confidenti...