Lucene search
K

6 matches found

EUVD
EUVD
added 2026/03/31 12:31 a.m.5 views

EUVD-2026-17219

Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o...

4.8CVSS5.9AI score0.00355EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/30 9:43 p.m.2 views

CVE-2026-32794

Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o...

5.9AI score0.00355EPSS
Exploits1References3Affected Software1
Snyk
Snyk
added 2026/03/26 6:35 p.m.9 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to missing timestamp validation in the Zoom webhook handler. An attacker can corrupt meeting state by replaying webhook requests. Remediation Upgrade...

2.2CVSS5.9AI score0.00291EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.8 views

CVE-2023-1573

A vulnerability was found in DataGear up to 1.11.1 and classified as problematic. This issue affects some unknown processing of the component Graph Dataset Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public a...

6.1CVSS5.8AI score0.0063EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/03/22 12:0 a.m.9 views

PT-2023-17089 · Datagear · Datagear

Name of the Vulnerable Software and Affected Versions: DataGear versions up to 1.11.1 Description: A vulnerability was found in the Graph Dataset Handler component, leading to cross-site scripting. The attack can be initiated remotely. The issue affects some unknown processing of this component...

6.1CVSS6.8AI score0.0063EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2020/07/15 12:0 a.m.4 views

PT-2020-14198 · Synergy +1 · Synergy +1

Name of the Vulnerable Software and Affected Versions: Synergy versions prior to 1.12.0 Description: The issue allows a Synergy server to be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff 4294967295 if the server's memory is less than 4 GB. However, it was...

6.5CVSS6.7AI score0.02494EPSS
Exploits0References21
Rows per page
Query Builder