Lucene search
K

7 matches found

Cvelist
Cvelist
added 14 hours ago6 views

CVE-2026-40006 Apache IoTDB: Unauthenticated heap-exhaustion DoS via unbounded allocation in IoTDB AirGap pipe receiver

Memory Allocation with Excessive Size Value, Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 with no...

Exploits0References1
EUVD
EUVD
added 14 hours ago5 views

EUVD-2026-42833

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache IoTDB. An attacker can write arbitrary files anywhere the IoTDB process has write permissions with unsafe API. This issue affects Apache IoTDB: from 1.0.0 before 2.0.10. Users are recommended to...

9.1CVSS6.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55878

Name of the Vulnerable Software and Affected Versions Apache IoTDB versions 1.3.3 through 2.0.7 Description An uncontrolled resource consumption issue exists where certain interfaces do not impose reasonable limits on the time span and aggregation interval of queries. An attacker can send a reque...

7.5CVSS5.9AI score0.00546EPSS
Exploits0References6
OSV
OSV
added 2026/03/09 9:30 a.m.3 views

GHSA-6W48-2G9J-V9Q5 Apache IoTDB has an Improper Input Validation vulnerability

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

9.8CVSS5.7AI score0.00662EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/09/24 7:59 a.m.9 views

CVE-2025-48392 Apache IoTDB: DoS Vulnerability

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

0.00562EPSS
Exploits0References1
PyPA
PyPA
added 2023/04/17 8:15 a.m.7 views

PYSEC-2023-8

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database.This problem is fixed from version 0.13.4 of...

9.8CVSS7AI score0.01447EPSS
Exploits0References3Affected Software1
PyPA
PyPA
added 2023/04/17 7:15 a.m.7 views

PYSEC-2023-7

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3.Attackers could login without authorization. This is fixed in 0.13.4...

9.8CVSS6.9AI score0.01222EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder