Lucene search
K

8 matches found

CNNVD
CNNVD
added 2025/04/09 12:0 a.m.4 views

Schneider Electric Trio Q Licensed Data Radio 安全漏洞

Schneider Electric Trio Q Licensed Data Radio is a radio from Schneider Electric France. A security vulnerability exists in Schneider Electric Trio Q Licensed Data Radio versions prior to v2.7.2, which stems from an insecure resource initialization that could lead to unauthorized access...

6.8CVSS6.4AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 9:15 p.m.20 views

CVE-2024-43214

Missing Authorization vulnerability in myCred.This issue affects myCred: from n/a through 2.7.2...

5.3CVSS5.8AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2023/10/14 9:47 a.m.14 views

CVE-2023-42663 Apache Airflow: Bypass permission verification to view task instances of other dags

Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated wit...

6.5CVSS6.6AI score0.01551EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/05/20 12:0 a.m.4 views

Google TensorFlow输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in Google TensorFlow versions prior to 2.9.0, prior to 2.8.1, prior to 2.7.2, and prior to 2.6.4, which stems from the fact that tf.rawops.StagePee...

5.5CVSS5.7AI score0.00317EPSS
Exploits1References8
CNNVD
CNNVD
added 2022/03/31 12:0 a.m.4 views

Auth0 Express OpenId Connect 输入验证错误漏洞

Auth0 Express OpenId Connect is an open source component of Auth0 Inc. Express.js middleware used to protect the OpenID Connect web application. An input validation error vulnerability exists in Auth0 Express OpenId Connect versions prior to 2.7.2, which stems from the vulnerability of users of t...

7.5CVSS6.2AI score0.0071EPSS
Exploits0References3
CNVD
CNVD
added 2021/01/14 12:0 a.m.3 views

Combodo iTop Cross-Site Scripting Vulnerability (CNVD-2021-03527)

Combodo iTop is free software for managing hardware, software and related services. A cross-site scripting vulnerability exists in Combodo iTop versions prior to 2.7.2, 3.0.0. An attacker can exploit this vulnerability by modifying the local storage of the target browser to conduct a cross-site...

6.8CVSS6AI score0.00552EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/01/12 12:0 a.m.11 views

PT-2021-12113 · Comodo +1 · Itop +1

Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 2.7.2 Combodo iTop versions prior to 2.8.0 Description: The issue allows a user to access data they should not have access to by calling the ajax endpoint for the "excel export" portal functionality directly,...

9.8CVSS7.1AI score0.25573EPSS
Exploits11References64
CNVD
CNVD
added 2015/09/08 12:0 a.m.2 views

FFmpeg Denial of Service Vulnerability (CNVD-2015-05845)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'decodeihdrchunk' function in the libavcodec/pngdec.c file in versions of FFmpeg prior to 2.7.2, which can be exploited by remote attackers to cause a...

7.5CVSS9.3AI score0.02412EPSS
Exploits0References1
Rows per page
Query Builder