6 matches found
EUVD-2026-17219
Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o...
CVE-2026-32794
Improper Certificate Validation vulnerability in Apache Airflow Provider for Databricks. Provider code did not validate certificates for connections to Databricks back-end which could result in a man-of-a-middle attack that traffic is intercepted and manipulated or credentials exfiltrated w/o...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to missing timestamp validation in the Zoom webhook handler. An attacker can corrupt meeting state by replaying webhook requests. Remediation Upgrade...
CVE-2023-1573
A vulnerability was found in DataGear up to 1.11.1 and classified as problematic. This issue affects some unknown processing of the component Graph Dataset Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public a...
PT-2023-17089 · Datagear · Datagear
Name of the Vulnerable Software and Affected Versions: DataGear versions up to 1.11.1 Description: A vulnerability was found in the Graph Dataset Handler component, leading to cross-site scripting. The attack can be initiated remotely. The issue affects some unknown processing of this component...
PT-2020-14198 · Synergy +1 · Synergy +1
Name of the Vulnerable Software and Affected Versions: Synergy versions prior to 1.12.0 Description: The issue allows a Synergy server to be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff 4294967295 if the server's memory is less than 4 GB. However, it was...