18 matches found
EUVD-2023-0011
Malicious code in bioql PyPI...
CVE-2023-22888
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to cause a service disruption by manipulating the runid parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version th...
CVE-2022-40127
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided runid parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0...
TONGDA Office Anywhere SQL注入漏洞
TONGDA Office Anywhere is a collaborative office OA system of China Tongda TONGDA. TONGDA Office Anywhere has a SQL injection vulnerability that originates from the RUNID parameter of the /pda/approvecenter/prcsinfo.php page that contains a SQL injection vulnerability...
Apache Airflow Input Validation Error Vulnerability (CNVD-2023-67074)
Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An input validation error vulnerability exists in Apache Airflow versions prior to...
Apache Airflow Path Traversal Vulnerability
Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A path traversal vulnerability exists in Apache Airflow versions prior to 2.6.3,...
CVE-2023-22887
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the runid parameter. This vulnerability is considered low since it requires an authenticated user to exploit i...
CVE-2023-22887
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the runid parameter. This vulnerability is considered low since it requires an authenticated user to exploit i...
CVE-2023-22888 Apache Airflow: Scheduler remote DoS
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to cause a service disruption by manipulating the runid parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version th...
CVE-2023-22888 Apache Airflow: Scheduler remote DoS
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to cause a service disruption by manipulating the runid parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version th...
Apache Airflow 路径遍历漏洞
Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A path traversal vulnerability exists in Apache Airflow versions prior to 2.6.3,...
Apache Airflow 输入验证错误漏洞
Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An input validation error vulnerability exists in Apache Airflow versions prior to...
Apache Airflow code injection vulnerability
Apache Airflow is an open source platform for creating, managing, and monitoring workflows from the Apache Foundation. The platform is scalable and dynamic monitoring features. Apache Airflow has a code injection vulnerability, the vulnerability stems from the user input structure during the...
Apache Airflow vulnerable to OS Command Injection via example DAGs
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided runid parameter. This issue affects Apache Airflow versions prior to 2.4.0...
GHSA-6PW3-8H9W-32GC Apache Airflow vulnerable to OS Command Injection via example DAGs
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided runid parameter. This issue affects Apache Airflow versions prior to 2.4.0...
PYSEC-2022-42982
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided runid parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0...
CVE-2019-9759
An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approvecenter/list/inputform/workhandle.php runid parameter...
CVE-2019-9759
An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approvecenter/list/inputform/workhandle.php runid parameter...