Lucene search
+L

4 matches found

OSV
OSV
added 2026/06/22 7:38 a.m.2 views

CVE-2026-44914 Apache NiFi: Missing Authorization of Restricted Permissions when Replacing Flow Contents

Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that include extension components with specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required, but framework authorization did not...

7.5CVSS6AI score0.00393EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/08 1:38 p.m.38 views

CVE-2026-39816 Apache NiFi: Missing Execute Code Required Permission on TinkerpopClientService

The optional extension component TinkerpopClientService is missing the Restricted annotation with the Execute Code Required Permission in Apache NiFi 2.0.0-M1 through 2.8.0. The TinkerpopClientService supports configuration of ByteCode Submission for the Script Submission Type, enabling Groovy...

7.5CVSS0.0076EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.4 views

SUSE CVE-2022-39318

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in urbdrc channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to...

4.5CVSS5.8AI score0.00953EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.11 views

PT-2022-5612 · Freerdp +9 · Freerdp +9

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.9.0 Description: The issue is related to the missing path canonicalization and base path check for the drive channel in FreeRDP, allowing a malicious server to trick a FreeRDP-based client into reading files outsid...

9.8CVSS6.6AI score0.0375EPSS
Exploits16References190
Rows per page
Query Builder