14 matches found
EUVD-2026-29510
The TinyZero project through commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability (CWE-78) in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...
CVE-2026-31226
The TinyZero project through commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability (CWE-78) in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...
PT-2026-40065
The TinyZero project through commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 2025-58-24 contains a critical command injection vulnerability (CWE-78) in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system without proper...
EUVD-2025-25488
Malicious code in bioql PyPI...
CVE-2025-54460
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
CVE-2025-54460
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
CVE-2025-54460 AVEVA PI Integrator Unrestricted Upload of File with Dangerous Type
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
CVE-2025-54460
The CVE-2025-54460 entry corresponds to AVEVA PI Integrator and describes an authenticated user with privileges to create or access publication targets (Text File or HDFS) being able to upload and persist files that could be executed. Connected sources corroborate an unrestricted upload of a dang...
PT-2025-34294 · Apache · Hdfs
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: The vulnerability could allow an authenticated attacker with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be...
Rollbaccine: Herd Immunity against Storage Rollback Attacks in TEEs [Technical Report]
Today, users can "lift-and-shift" unmodified applications into modern, VM-based Trusted Execution Environments (TEEs) in order to gain hardware-based security guarantees. However, TEEs do not protect applications against disk rollback attacks, where persistent storage can be reverted to an earlier...
Apache Airflow Security Vulnerability
Apache Airflow is an open source platform from the Apache Foundation (United States) for creating, managing and monitoring workflows. The platform is scalable and offers dynamic monitoring, among other characteristics. A code execution vulnerability exists in Apache Airflow HDFS Provider, which stems...
PT-2023-5203 · Apache · Apache Airflow Hdfs Provider
Name of the Vulnerable Software and Affected Versions: Apache Airflow HDFS Provider versions prior to 4.1.1 Description: The issue is related to the Apache Airflow HDFS Provider, where a documentation error pointed users to an incorrect pip package. This package name was unclaimed, potentially...
Apache Storm User Interface Arbitrary Code Execution Vulnerability
Apache Storm is a free, open source distributed real-time computing system. Apache Storm has a security vulnerability that allows a remote user to connect to the UI backend program and execute arbitrary code on the system. Using Kerberos authentication for users, remote users can spoof arbitrary...
IBM InfoSphere BigInsights SQL Component Unauthorized Access Vulnerability
IBM InfoSphere BigInsights is a software platform from IBM (United States) for storing and analyzing "big data". The platform provides solutions for managing and analyzing massive amounts of structured and unstructured data. Big SQL is one of the SQL interface components. A security...