8 matches found
EUVD-2025-25477
Malicious code in bioql PyPI...
BIT-SUPERSET-2023-42504 Apache Superset: Lack of rate limiting allows for possible denial of service
An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service. This issue affects Apache Superset: before 3.0.0...
PT-2023-24472
Name of the Vulnerable Software and Affected Versions Bookreen versions prior to 3.0.0 Description The issue affects Unisign Bookreen, allowing OS Command Injection due to an Unrestricted Upload of File with Dangerous Type vulnerability. Recommendations For versions prior to 3.0.0, update to...
Mattermost Server is vulnerable to XSS via a Legal or Support setting
An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting...
CVE-2021-23422
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output...
DEBIAN-CVE-2021-3478
There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability...
DEBIAN-CVE-2021-3476
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...
Cisco Identity Services Engine Elevation of Privilege Vulnerability
Cisco Identity Services Engine ISE is a next-generation identity and access control policy platform that enables organizations to enforce compliance, enhance infrastructure security, and streamline their service operations. An elevation of privilege vulnerability exists in the Microsoft Active...