Lucene search
K

5296 matches found

CVE
CVE
added 2022/12/13 12:0 a.m.56 views

CVE-2022-46353

SCALANCE X204RNA family devices (HSR/PRP/EEC) have a vulnerability where the web server computes session IDs and nonces insecurely, allowing an unauthenticated remote attacker to brute-force session IDs and hijack sessions. Affected versions are all

9.8CVSS9.2AI score0.01001EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.18 views

CVE-2022-46354

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. The webserver of an affected...

5.3AI score0.00677EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.6 views

PT-2022-27837 · Siemens · Scalance X204Rna Eec +1

Name of the Vulnerable Software and Affected Versions: SCALANCE X204RNA HSR versions prior to V3.2.7 SCALANCE X204RNA PRP versions prior to V3.2.7 SCALANCE X204RNA EEC HSR versions prior to V3.2.7 SCALANCE X204RNA EEC PRP versions prior to V3.2.7 SCALANCE X204RNA EEC PRP/HSR versions prior to...

5.3CVSS5.1AI score0.00677EPSS
Exploits0References2
CVE
CVE
added 2022/12/13 12:0 a.m.70 views

CVE-2022-46354

CVE-2022-46354 affects Siemens SCALANCE X204RNA/ EEC devices (HSR/PRP) with versions prior to V3.2.7. The issue is that the webserver on these devices omits specific security headers, enabling an attacker to potentially extract confidential session information under certain conditions. Multiple s...

5.3CVSS5AI score0.00677EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2022/12/12 1:45 p.m.713 views

Exploit for SQL Injection in Zte Mf286R_Firmware

CVE-2022-39066 Firmware details: wainnerversion: BDPO...

8.8CVSS9.1AI score0.26542EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/11/15 12:0 p.m.29 views

Apache Airflow Contains Open Redirect

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

6.1CVSS6.1AI score0.81836EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/11/15 12:0 p.m.25 views

GHSA-RG94-84XJ-7GQ3 Apache Airflow Contains Open Redirect

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

6.1CVSS6AI score0.81836EPSS
Exploits0References7
NVD
NVD
added 2022/11/15 9:15 a.m.10 views

CVE-2022-45402

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

6.1CVSS0.81836EPSS
Exploits0References3
OSV
OSV
added 2022/11/15 9:15 a.m.13 views

CVE-2022-45402

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

6.1CVSS6.1AI score
Exploits0References3
PyPA
PyPA
added 2022/11/15 9:15 a.m.5 views

PYSEC-2022-42984

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

6.1CVSS6.8AI score0.81836EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2022/11/15 9:15 a.m.31 views

Open redirect

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

5.8CVSS6.1AI score0.81836EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/11/15 9:15 a.m.18 views

PYSEC-2022-42984

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

6.1CVSS6.8AI score0.81836EPSS
Exploits0References7
CVE
CVE
added 2022/11/15 12:0 a.m.104 views

CVE-2022-45402

CVE-2022-45402 affects Apache Airflow versions prior to 2.4.3, which have an open redirect in the webserver’s /login endpoint. The root cause is an open redirect via the login parameter (e.g., next), enabling unvalidated redirects that could be used for phishing. The vulnerability is documented w...

6.1CVSS6AI score0.81836EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2022/11/15 12:0 a.m.6 views

EUVD-2022-0019

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

6.1CVSS6AI score0.81836EPSS
Exploits0References9
Cvelist
Cvelist
added 2022/11/15 12:0 a.m.22 views

CVE-2022-45402 Apache Airflow: Open redirect during login

In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's /login endpoint...

6.3AI score0.81836EPSS
Exploits0References3
CNVD
CNVD
added 2022/11/05 12:0 a.m.19 views

Apache Airflow Input Validation Error Vulnerability

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An input validation error vulnerability exists in Apache Airflow versions prior to...

6.1CVSS6.4AI score0.01494EPSS
Exploits0References1
Veracode
Veracode
added 2022/11/03 5:7 a.m.20 views

Open Redirect

apacheairflow is vulnerable to open redirect. The vulnerability exists due to the getsafeurl function in views.py improperly sanitizing headers leading to open redirect in the webserver's /confirm endpoint...

6.1CVSS6.1AI score0.01494EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/11/02 7:0 p.m.21 views

GHSA-F9FQ-78CH-4WMJ Apache Airflow Open Redirect vulnerability

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

6.1CVSS6AI score0.01494EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/11/02 7:0 p.m.29 views

Apache Airflow Open Redirect vulnerability

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

6.1CVSS6.1AI score0.01494EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2022/11/02 12:15 p.m.23 views

CVE-2022-43985

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

6.1CVSS0.01494EPSS
Exploits0References2
Rows per page
Query Builder