Lucene search
K

7 matches found

CVE
CVE
added 2026/04/09 11:12 a.m.37 views

CVE-2025-57735

CVE-2025-57735 affects Airflow where a JWT token used to authenticate a user was not invalidated at logout. The provided sources indicate that Airflow 3.2 introduced a logout token-invalidation mechanism, and upgrading to Airflow 3.2.0 or newer fixes the issue. The CVSS vector in the initial desc...

9.1CVSS5.8AI score0.00667EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/04/09 10:16 a.m.4 views

CVE-2025-62188

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, including database credentials. This issue affects Apache DolphinScheduler versions 3.1.. Users are...

7.5CVSS0.00521EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/09 9:27 a.m.3 views

CVE-2025-62188 Apache DolphinScheduler: Users can access sensitive information through the actuator endpoint.

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, including database credentials. This issue affects Apache DolphinScheduler versions 3.1.. Users are...

6.9AI score0.00521EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/28 12:0 a.m.13 views

PT-2025-9137

Name of the Vulnerable Software and Affected Versions Brocade ASCG versions prior to 3.2.0 Description The issue concerns the lack of HTTP Strict Transport Security HSTS enforcement in the web interface, as defined by RFC 6797. HSTS is an optional response header that can be configured on the...

9.1CVSS6.2AI score0.00341EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/01/17 12:0 a.m.7 views

PT-2025-3394 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.0 Description: The issue is related to Cross Site Scripting XSS via the dados addInfo parameter of the "documentos funcionario.php" endpoint. This allows for potential malicious script injection. Recommendations: F...

6.1CVSS6.3AI score0.00336EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.7 views

PT-2024-36610 · Unknown · Graphics::Colornames

Name of the Vulnerable Software and Affected Versions: Graphics::ColorNames versions prior to 3.2.0 Description: The issue is related to an ambiguity between modules and filenames in the Graphics::ColorNames package for Perl, which can lead to HTML injection by an attacker who can create a file i...

5.3CVSS6.8AI score0.00511EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2020/12/16 12:11 p.m.7 views

camel: DNS Rebinding in JMX Connector could result in remote command execution

Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0...

7.5CVSS7.1AI score0.14331EPSS
Exploits0References4
Rows per page
Query Builder