18 matches found
EUVD-2025-12423
Malicious code in bioql PyPI...
EUVD-2025-12421
Malicious code in bioql PyPI...
CVE-2025-46689
Ververica Platform 2.14.0 contain an Reflected XSS vulnerability via a namespaces/default/formats URI...
CVE-2025-46690
Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request...
CVE-2025-46689
Ververica Platform 2.14.0 contain an Reflected XSS vulnerability via a namespaces/default/formats URI...
CVE-2025-46689
Ververica Platform 2.14.0 contain an Reflected XSS vulnerability via a namespaces/default/formats URI...
CVE-2025-46690
Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request...
CVE-2025-46690
Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request...
CVE-2025-46689
Ververica Platform 2.14.0 contain an Reflected XSS vulnerability via a namespaces/default/formats URI...
CVE-2025-46689
Ververica Platform 2.14.0 contain an Reflected XSS vulnerability via a namespaces/default/formats URI...
CVE-2025-46690
Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request...
CVE-2025-46690
Summary: Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors by directly requesting namespaces/default/formats. The issue is described across multiple sources (Red Hat, CNNVD, CVE listings) with the same vector. The root cause is insufficient access control on the names...
CVE-2025-46689
CVE-2025-46689 affects Ververica Platform 2.14.0 with a Reflected XSS vulnerability exposed via the URI path namespaces/default/formats . The issue involves user-controlled input in that path, allowing an attacker to trigger script execution in a victim’s browser when the vulnerable page is loade...
Ververica Platform 安全漏洞
Ververica Platform is an integration platform from Ververica for stateful stream processing and stream analytics using open source Apache Flink. A security vulnerability exists in Ververica Platform version 2.14.0, which stems from the vulnerability of the namespaces/default/formats URI to...
Ververica Platform 安全漏洞
Ververica Platform is an integration platform from Ververica for stateful stream processing and stream analytics using open source Apache Flink. A security vulnerability exists in Ververica Platform version 2.14.0 that originates from a low-privileged user being able to access the SQL connector b...
PT-2025-18019 · Ververica · Ververica Platform
Name of the Vulnerable Software and Affected Versions: Ververica Platform version 2.14.0 Description: The issue is a Reflected XSS vulnerability. It can be exploited via a "namespaces/default/formats" URI. Recommendations: For Ververica Platform version 2.14.0, consider restricting access to the...
PT-2025-18020 · Ververica · Ververica Platform
Name of the Vulnerable Software and Affected Versions: Ververica Platform version 2.14.0 Description: The issue allows low-privileged users to access SQL connectors via a direct "namespaces/default/formats" request. Recommendations: For Ververica Platform version 2.14.0, consider restricting acce...
CVE-2025-46690
Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request...