Lucene search
K

971 matches found

The Hacker News
The Hacker News
added 2023/03/16 7:12 a.m.54 views

What's Wrong with Manufacturing?

In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also th...

Exploits0
Fedora
Fedora
added 2023/03/10 1:38 a.m.49 views

[SECURITY] Fedora 36 Update: redis-6.2.11-1.fc36

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

6.5CVSS6.1AI score0.59706EPSS
Exploits0
Fedora
Fedora
added 2023/03/10 1:24 a.m.48 views

[SECURITY] Fedora 37 Update: redis-7.0.9-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

6.5CVSS6.1AI score0.59706EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/02/27 12:0 a.m.4 views

PT-2023-20446 · Geoserver +1 · Geoserver +1

Name of the Vulnerable Software and Affected Versions: GeoNode versions prior to 4.0.3 Description: GeoNode is vulnerable to an XML External Entity XXE injection in the style upload functionality of GeoServer, leading to Arbitrary File Read. The issue arises from the dataset style upload view,...

7.1CVSS7.3AI score0.00836EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.3 views

SUSE CVE-2021-37650

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.ExperimentalDatasetToTFRecord and tf.rawops.DatasetToTFRecord can trigger heap buffer overflow and segmentation fault. The implementation assumes that all records in the...

7.8CVSS6.1AI score0.00182EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.4 views

SUSE CVE-2022-21736

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

6.5CVSS6.4AI score0.00746EPSS
Exploits1References3
Fedora
Fedora
added 2023/01/26 1:23 a.m.35 views

[SECURITY] Fedora 37 Update: redis-7.0.8-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

5.5CVSS6AI score0.69355EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/01/24 11:33 a.m.19 views

Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium

Vulnerability analysis results in Orange Cyberdefenses' Security Navigator show that some vulnerabilities first discovered in 1999 are still found in networks today. This is concerning. Age of VOC findings Our Vulnerability Scans are performed on a recurring basis, which provides us the opportuni...

7.3AI score
Exploits0
Veracode
Veracode
added 2023/01/18 5:10 a.m.27 views

Open Redirect

apache-superset is vulnerable to Open Redirect. The vulnerability exists due to improper data validation in the library, allowing an attacker with update dataset permission to change a dataset link to an untrusted site and redirect to the malicious URLs by clicking on a specific dataset...

5.4CVSS5.3AI score0.00994EPSS
Exploits0References5Affected Software3
NVD
NVD
added 2023/01/16 11:15 a.m.25 views

CVE-2022-43721

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

5.4CVSS5.3AI score0.00994EPSS
Exploits0References1
OSV
OSV
added 2023/01/16 11:15 a.m.19 views

CVE-2022-43721

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

5.4CVSS5.3AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/16 10:10 a.m.9 views

CVE-2022-43721 Apache Superset: Open Redirect Vulnerability

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

6.4AI score0.00994EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/16 10:10 a.m.40 views

CVE-2022-43721 Apache Superset: Open Redirect Vulnerability

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

5.5AI score0.00994EPSS
Exploits0References1
CVE
CVE
added 2023/01/16 10:10 a.m.81 views

CVE-2022-43721

CVE-2022-43721 is an Open Redirect vulnerability in Apache Superset. An authenticated user with update datasets permission can alter a dataset’s link to point to an untrusted site, causing users to be redirected when clicking that dataset. Affected: Superset versions ≤ 1.5.2 and 2.0.0, per multip...

5.4CVSS5.2AI score0.00994EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.4 views

PT-2023-14307 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions 1.5.2 and prior Apache Superset version 2.0.0 Description: An authenticated attacker with update datasets permission could change a dataset link to an untrusted site. Users could be redirected to this site when clicki...

5.4CVSS6.8AI score0.00994EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/01/16 12:0 a.m.5 views

Apache Superset 输入验证错误漏洞

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An input validation error vulnerability exists in Apache Superset versions 1.5.2 and earlier and 2.0.0, which originates from an authenticated attacker with update dataset privileges could change...

5.4CVSS5.7AI score0.00994EPSS
Exploits0References2
Fedora
Fedora
added 2022/09/26 12:18 a.m.36 views

[SECURITY] Fedora 37 Update: redis-7.0.5-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

9.8CVSS0.7AI score0.02904EPSS
Exploits0
CNNVD
CNNVD
added 2022/07/22 12:0 a.m.2 views

eziod 安全漏洞

eziod is simple image object dataset. A security vulnerability exists in eziod that originates from a code execution backdoor inserted by a third party...

9.8CVSS8.8AI score0.01085EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/22 12:0 a.m.4 views

wikifaces 安全漏洞

wikifaces is a downloader of the Wikipedia "People" image dataset. A security vulnerability exists in wikifaces that stems from a code execution backdoor that allows third-party injection...

9.8CVSS8.8AI score0.01067EPSS
Exploits0References4
OSV
OSV
added 2022/07/07 12:0 a.m.22 views

GHSA-748R-5R8Q-273M Apache Superset allows authenticated users to access metadata they have no permission to

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics...

4.3CVSS4.2AI score0.0126EPSS
Exploits0References4
Rows per page
Query Builder