Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2022/09/02 12:0 a.m.5 views

PT-2022-24256 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.3.4 Description: The issue is related to an insecure umask configuration in Apache Airflow when running with the --daemon flag. This could lead to a race condition, resulting in world-writable files in the...

5.7CVSS4.6AI score0.00593EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2022/09/02 12:0 a.m.3 views

PT-2022-23159 · Sftpgo · Sftpgo

Name of the Vulnerable Software and Affected Versions: SFTPGo versions 2.2.0 through 2.3.3 Description: SFTPGo is a configurable SFTP server with optional HTTP/S, FTP/S, and WebDAV support. It supports login using TOTP Time-based One Time Passwords as a secondary authentication factor and also...

8.3CVSS7.6AI score0.00438EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2022/08/03 12:0 a.m.6 views

PT-2022-18522 · Synology · Synology Calendar

Name of the Vulnerable Software and Affected Versions: Synology Calendar versions prior to 2.3.4-0631 Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability, in the webapi component. This allows remote...

5CVSS6.9AI score0.0078EPSS
Exploits0References5
Elastic
Elastic
added 2016/07/07 4:57 p.m.5 views

Logstash 2.3.3 Elasticsearch Output Vulnerability

Hi all, we would like to announce a security vulnerability we discovered in our testing. Logstash 2.3.4 has been released with a patch to fix this. Issue Prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information...

6.9AI score
Exploits0
Rows per page
Query Builder