Apache Airflow 访问控制错误漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security bypass vulnerability exists in Apache Airflow versions prior to 2.8.0,...

ASUS Router Buffer Overflow Vulnerability

ASUS routers is a wireless router product from ASUS. A buffer overflow vulnerability exists in the 'ejupdatevariables' function in the router/httpd/web.c file in ASUS routers. An attacker could exploit this vulnerability by sending a request to update settings to execute code...

CVE-2018-5721

Stack-based buffer overflow in the ejupdatevariables function in router/httpd/web.c on ASUS routers when using software from https://github.com/RMerl/asuswrt-merlin allows web authenticated attackers to execute code via a request that updates a setting. In ejupdatevariables, the length of the...

The vulnerability of the Business Process Manager system allows a perpetrator to circumvent existing access restrictions and update dynamic processes.

The vulnerability of the Business Process Manager system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and update process variables through calls to the REST API...