Lucene search
K

27 matches found

NVD
NVD
added 2026/06/23 8:16 p.m.12 views

CVE-2026-39253

An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components...

8.1CVSS0.00805EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 12:0 a.m.33 views

CVE-2026-39253

An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components...

0.00805EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.9 views

PT-2026-51582

Name of the Vulnerable Software and Affected Versions Pivotal CRM version 6.6.04.08 Description A remote attacker can execute arbitrary code through the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components. Recommendations At the moment, there is no information abo...

8.1CVSS6.2AI score0.00805EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2025/12/17 10:47 p.m.7 views

31g-form-parser (>=1.0.1 <=1.0.126), @1024pix/storybook-ember (=7.1.1) +189 more potentially affected by CVE-2025-68429 via @storybook/core-common (>=7.0.0 <=7.6.20)

@storybook/core-common NPM version =7.0.0, =1.0.1, =0.0.18, =2.0.5, =1.1.1, =0.0.1, =0.0.4, =0.0.0-dev-main.202308160724, =0.0.0-dev-main.202307180716, =0.0.0-dev.main.0b9a477d, =24.10.0, =26.7.0-beta.15 and more Source cves: CVE-2025-68429 Source advisory: SNYK:JS-STORYBOOKCORECOMMON-14470053...

7.3CVSS7AI score0.00235EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/17 10:47 p.m.7 views

@abovethefray/klaviyo-adobe-commerce-app-checkout-consent-dropin (>=0.0.1 <=1.0.0), @adobe-commerce/elsie (>=1.0.0 <=2.0.0-alpha-20260514091936) +111 more potentially affected by CVE-2025-68429 via @storybook/core-common (>=8.0.0-alpha.0 <=8.6.14)

@storybook/core-common NPM version =8.0.0-alpha.0, =0.0.1, =1.0.0, =1.0.6, =0.0.0-AddSnapshotPipeline-20240326102812, =1.0.213-beta.38, =0.38.0, =0.41.1, =1.0.0, =0.1.0, =1.16.0, =4.18.0, =0.0.6, =1.1.1, =1.2.2 and more Source cves: CVE-2025-68429 Source advisory:...

7.3CVSS7AI score0.00235EPSS
Exploits0
Snyk
Snyk
added 2025/12/17 10:47 p.m.5 views

Insertion of Sensitive Information into Externally-Accessible File or Directory

Overview @storybook/core-common is a Storybook framework-agnostic API Affected versions of this package are vulnerable to Insertion of Sensitive Information into Externally-Accessible File or Directory via the storybook build command. An attacker can access sensitive environment variables by...

7.5CVSS6.9AI score0.00235EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/02 12:31 p.m.6 views

org.apache.kylin:kylin-engine-build-sdk (>=5.0.0 <=5.0.2), org.apache.ranger:ranger-kylin-plugin (>=2.5.0 <=2.8.0) +1 more potentially affected by CVE-2025-61734 via org.apache.kylin:kylin-core-common (>=4.0.4 <=5.0.2)

org.apache.kylin:kylin-core-common MAVEN version =4.0.4, =5.0.0, =2.5.0, =2.5.0, =2.8.0 Source cves: CVE-2025-61734 Source advisory: SNYK:JAVA-ORGAPACHEKYLIN-13181860...

7.5CVSS5.8AI score0.01251EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/02 12:31 p.m.6 views

org.apache.kylin:kylin-engine-build-sdk (>=5.0.0 <=5.0.2), org.apache.ranger:ranger-kylin-plugin (>=2.5.0 <=2.8.0) +1 more potentially affected by CVE-2025-61734 via org.apache.kylin:kylin-core-common (>=4.0.4 <=5.0.2)

org.apache.kylin:kylin-core-common MAVEN version =4.0.4, =5.0.0, =2.5.0, =2.5.0, =2.8.0 Source cves: CVE-2025-61734 Source advisory: OSV:GHSA-P86W-W5RH-M3HX...

7.5CVSS5.8AI score0.01251EPSS
Exploits0
Snyk
Snyk
added 2025/10/02 12:31 p.m.4 views

Files or Directories Accessible to External Parties

Overview org.apache.kylin:kylin-core-common is a package part of Apache Kylin. Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests...

7.5CVSS6.7AI score0.01251EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/02 12:31 p.m.6 views

org.apache.kylin:kylin-engine-build-sdk (>=5.0.0 <=5.0.2), org.apache.ranger:ranger-kylin-plugin (>=2.5.0 <=2.8.0) +1 more potentially affected by CVE-2025-61733 via org.apache.kylin:kylin-core-common (>=4.0.4 <=5.0.2)

org.apache.kylin:kylin-core-common MAVEN version =4.0.4, =5.0.0, =2.5.0, =2.5.0, =2.8.0 Source cves: CVE-2025-61733 Source advisory: OSV:GHSA-MR9J-4J48-XCM2...

7.5CVSS5.8AI score0.01224EPSS
Exploits0
Snyk
Snyk
added 2025/10/02 12:31 p.m.2 views

Authentication Bypass Using an Alternate Path or Channel

Overview org.apache.kylin:kylin-core-common is a package part of Apache Kylin. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the /api/user/updateuser endpoint. An attacker can gain unauthorized access by exploiting this endpoint t...

9.3CVSS7AI score0.01224EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/02 12:31 p.m.3 views

Server-side Request Forgery (SSRF)

Overview org.apache.kylin:kylin-core-common is a package part of Apache Kylin. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF. An attacker can access internal resources, exfiltrate sensitive information, or perform unauthorized actions by sending crafted...

7.3CVSS6.9AI score0.00499EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/02 12:31 p.m.6 views

org.apache.kylin:kylin-engine-build-sdk (>=5.0.0 <=5.0.2), org.apache.ranger:ranger-kylin-plugin (>=2.5.0 <=2.8.0) +1 more potentially affected by CVE-2025-61735 via org.apache.kylin:kylin-core-common (>=4.0.4 <=5.0.2)

org.apache.kylin:kylin-core-common MAVEN version =4.0.4, =5.0.0, =2.5.0, =2.5.0, =2.8.0 Source cves: CVE-2025-61735 Source advisory: OSV:GHSA-F6M8-QM7J-FH65...

7.3CVSS5.8AI score0.00499EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/02 12:31 p.m.7 views

org.apache.kylin:kylin-engine-build-sdk (>=5.0.0 <=5.0.2), org.apache.ranger:ranger-kylin-plugin (>=2.5.0 <=2.8.0) +1 more potentially affected by CVE-2025-61733 via org.apache.kylin:kylin-core-common (>=4.0.4 <=5.0.2)

org.apache.kylin:kylin-core-common MAVEN version =4.0.4, =5.0.0, =2.5.0, =2.5.0, =2.8.0 Source cves: CVE-2025-61733 Source advisory: SNYK:JAVA-ORGAPACHEKYLIN-13181893...

7.5CVSS5.8AI score0.01224EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/02 12:31 p.m.6 views

org.apache.kylin:kylin-engine-build-sdk (>=5.0.0 <=5.0.2), org.apache.ranger:ranger-kylin-plugin (>=2.5.0 <=2.8.0) +1 more potentially affected by CVE-2025-61735 via org.apache.kylin:kylin-core-common (>=4.0.4 <=5.0.2)

org.apache.kylin:kylin-core-common MAVEN version =4.0.4, =5.0.0, =2.5.0, =2.5.0, =2.8.0 Source cves: CVE-2025-61735 Source advisory: SNYK:JAVA-ORGAPACHEKYLIN-13181847...

7.3CVSS5.8AI score0.00499EPSS
Exploits0
Snyk
Snyk
added 2025/03/27 3:31 p.m.3 views

Arbitrary Code Injection

Overview org.apache.kylin:kylin-core-common is a package part of Apache Kylin. Affected versions of this package are vulnerable to Arbitrary Code Injection via the alteration of the JDBC connection configuration. An attacker can execute arbitrary code by modifying the JDBC settings if they gain...

7.2CVSS8.2AI score0.00815EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/03/27 3:31 p.m.6 views

org.apache.kylin:kylin-engine-build-sdk (>=5.0.0 <=5.0.0-beta), org.apache.ranger:ranger-kylin-plugin (>=2.5.0 <=2.8.0) +1 more potentially affected by CVE-2025-30067 via org.apache.kylin:kylin-core-common (>=4.0.4 <=5.0.0)

org.apache.kylin:kylin-core-common MAVEN version =4.0.4, =5.0.0, =2.5.0, =2.5.0, =2.8.0 Source cves: CVE-2025-30067 Source advisory: SNYK:JAVA-ORGAPACHEKYLIN-9538803...

7.2CVSS5.8AI score0.00815EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/27 3:31 p.m.7 views

org.apache.kylin:kylin-engine-build-sdk (=5.0.0) potentially affected by CVE-2024-48944 via org.apache.kylin:kylin-core-common (=5.0.0)

org.apache.kylin:kylin-core-common MAVEN version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.kylin:kylin-core-common and may be impacted: - org.apache.kylin:kylin-engine-build-sdk =5.0.0 Source cves: CVE-2024-48944 Source advisory...

6.5CVSS5.8AI score0.00577EPSS
Exploits0
Snyk
Snyk
added 2025/03/27 3:31 p.m.3 views

Server-side Request Forgery (SSRF)

Overview org.apache.kylin:kylin-core-common is a package part of Apache Kylin. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the /kylin/api/xxx/diag endpoint. An attacker can forge requests to internal services by invoking this specific API endpoint ...

6.5CVSS7AI score0.00577EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2024/01/29 3:30 p.m.5 views

org.apache.kylin:kylin-cache (>=2.6.0 <=4.0.0-alpha), org.apache.kylin:kylin-core-cube (>=2.0.0 <=4.0.0-alpha) +22 more potentially affected by CVE-2023-29055 via org.apache.kylin:kylin-core-common (>=2.0.0 <=4.0.0-alpha)

org.apache.kylin:kylin-core-common MAVEN version =2.0.0, =2.6.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.3.2, =2.0.0, =2.6.0, =2.3.2, =2.3.2, =2.0.0, =2.0.0, =2.6.0, =2.0.0, =3.0.2 - org.apache.kylin:kylin-spark-common =4.0.0-alpha and more Source cves: CVE-2023-29055 Source advisory:...

7.5CVSS7.1AI score0.01149EPSS
Exploits0
Rows per page
Query Builder