8 matches found
Schneider Electric Trio Q Licensed Data Radio 安全漏洞
Schneider Electric Trio Q Licensed Data Radio is a radio from Schneider Electric France. A security vulnerability exists in Schneider Electric Trio Q Licensed Data Radio versions prior to v2.7.2, which stems from an insecure resource initialization that could lead to unauthorized access...
CVE-2024-43214
Missing Authorization vulnerability in myCred.This issue affects myCred: from n/a through 2.7.2...
CVE-2023-42663 Apache Airflow: Bypass permission verification to view task instances of other dags
Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated wit...
Google TensorFlow输入验证错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in Google TensorFlow versions prior to 2.9.0, prior to 2.8.1, prior to 2.7.2, and prior to 2.6.4, which stems from the fact that tf.rawops.StagePee...
Auth0 Express OpenId Connect 输入验证错误漏洞
Auth0 Express OpenId Connect is an open source component of Auth0 Inc. Express.js middleware used to protect the OpenID Connect web application. An input validation error vulnerability exists in Auth0 Express OpenId Connect versions prior to 2.7.2, which stems from the vulnerability of users of t...
Combodo iTop Cross-Site Scripting Vulnerability (CNVD-2021-03527)
Combodo iTop is free software for managing hardware, software and related services. A cross-site scripting vulnerability exists in Combodo iTop versions prior to 2.7.2, 3.0.0. An attacker can exploit this vulnerability by modifying the local storage of the target browser to conduct a cross-site...
PT-2021-12113 · Comodo +1 · Itop +1
Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 2.7.2 Combodo iTop versions prior to 2.8.0 Description: The issue allows a user to access data they should not have access to by calling the ajax endpoint for the "excel export" portal functionality directly,...
FFmpeg Denial of Service Vulnerability (CNVD-2015-05845)
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'decodeihdrchunk' function in the libavcodec/pngdec.c file in versions of FFmpeg prior to 2.7.2, which can be exploited by remote attackers to cause a...