266 matches found
CVE-2025-40591
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.5, RUGGEDCOM ROX MX5000RE All versions V2.16.5, RUGGEDCOM ROX RX1400 All versions V2.16.5, RUGGEDCOM ROX RX1500 All versions V2.16.5, RUGGEDCOM ROX RX1501 All versions V2.16.5, RUGGEDCOM ROX RX1510 All versions V2.16.5...
CVE-2025-40591
CVE-2025-40591 affects Siemens RUGGEDCOM ROX II family devices (MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, RX5000) with
PT-2025-24679 · Siemens · Ruggedcom Rox Rx1511 +8
Name of the Vulnerable Software and Affected Versions: RUGGEDCOM ROX MX5000 versions prior to V2.16.5 RUGGEDCOM ROX MX5000RE versions prior to V2.16.5 RUGGEDCOM ROX RX1400 versions prior to V2.16.5 RUGGEDCOM ROX RX1500 versions prior to V2.16.5 RUGGEDCOM ROX RX1501 versions prior to V2.16.5...
CVE-2024-55604 Appsmith's Broken Access Control Allows Viewer Role User to Query Datasources
Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as "App Viewer" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a...
The vulnerability of PDF viewing and editing programs such as Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Reader, and Adobe Acrobat lies in their memory management after memory is freed. This allows attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs like Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Reader, and Adobe Acrobat is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially create...
Migrating from Client-Side to Server-Side Adaptive Bitrate Streaming
Streaming platforms scale to accommodate millions of concurrent viewers across diverse devices and network conditions, making efficient adaptive bitrate ABR streaming essential...
YouTube ordered to reveal the identities of video viewers
Federal US authorities have asked Google for the names, addresses, telephone numbers, and user activity of accounts that watched certain YouTube videos, according to unsealed court documents Forbes has seen. Of those users that weren’t logged in when they watched those videos between January 1 an...
BIT-MEDIAWIKI-2020-35480
An issue was discovered in MediaWiki before 1.35.1. Missing users accounts that don't exist and hidden users accounts that have been explicitly hidden due to being abusive, or similar that the viewer cannot see are handled differently, exposing sensitive information about the hidden status to...
BIT-MEDIAWIKI-2021-42048
An issue was discovered in the Growth extension in MediaWiki through 1.36.2. Any admin can add arbitrary JavaScript code to the Newcomer home page footer, which can be executed by viewers with zero edits...
Incorrect Default Permissions
apache-airflow is vulnerable to Incorrect Default Permissions. The vulnerability is due to authenticated Ops and Viewers users being able to view all information on audit logs, including DAG names and usernames they were not permitted to view...
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames they were not permitted to view. With 2.8.2 and newer, Ops and Viewer users do not have audit log permission by...
CVE-2024-26280 Apache Airflow: Overly broad default permissions for Viewer/Ops (audit logs)
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames they were not permitted to view. With 2.8.2 and newer, Ops and Viewer users do not have audit log permission by...
CVE-2024-26280
Apache Airflow prior to 2.8.2 has an information-disclosure issue where authenticated Ops and Viewers can see audit-log contents (e.g., dag names, usernames not visible to them). Version 2.8.2+ fixes default audit-log permissions (Ops/Viewers no longer have access by default; admins retain access...
PT-2024-2130 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.8.2 Description: The issue is related to incorrect default permissions in Apache Airflow, allowing authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames...
CentOS 9 : nss-3.79.0-14.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the nss-3.79.0-14.el9 build changelog. - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS...
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Reader 2020 lies in their ability to read data beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Reader 2020 is related to reading data outside of the buffer in memory during the processing of the CharStringsOffset array for OpenType...
XWiki Platform Security Vulnerability
The XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki that stems from the fact that Solr-based searches in XWiki expose the password hashes of all users to anyone who is authorized to view the...
The vulnerability of the Annotation Handler component in PDF viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 lies in the ability to read data beyond the buffer in memory, allowing attackers to execute arbitrary code.
The vulnerability of the Annotation Handler component in PDF viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 relates to reading data beyond the buffer in memory. Exploiting this vulnerability...
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to reading data beyond the buffer in memory, allow attackers to gain access to confidential information.
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to access confidential information...
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to reading data beyond the buffer in memory, allow attackers to gain access to confidential information.
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to access confidential information...