Lucene search
K

4 matches found

Snyk
Snyk
added 2026/04/28 8:18 p.m.4 views

Authorization Bypass Through User-Controlled Key

Overview nvflare is a Federated Learning Application Runtime Environment Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the user management and authentication process. An attacker can gain unauthorized access, escalate privileges, tamper...

9.8CVSS5.7AI score0.00573EPSS
Exploits0References2
OSV
OSV
added 2023/10/23 9:30 p.m.4 views

GHSA-9QQG-MH7C-CHFQ Apache Airflow vulnerable to Exposure of Sensitive Information

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.4.0 to 2.7.0. Sensitive configuration information has been exposed to authenticated users with the ability to read configuration via Airflow REST API for...

5.3CVSS5.7AI score0.01416EPSS
Exploits0References7
PyPA
PyPA
added 2023/10/23 7:15 p.m.7 views

PYSEC-2023-218

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.4.0 to 2.7.0.Sensitive configuration information has been exposed to authenticated users with the ability to read configuration via Airflow REST API for configuratio...

4.3CVSS6.5AI score0.01416EPSS
Exploits0References5Affected Software1
Packet Storm
Packet Storm
added 2015/04/19 12:0 a.m.21 views

Lychee 2.7.1 Remote Code Execution

Advisory ID: SGMA15-002 Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-04-12 Vendor...

7.4AI score
Exploits0
Rows per page
Query Builder