13 matches found

Snyk
added 2026/05/04 6:26 p.m. | 9 views

Improper Encoding or Escaping of Output

Overview: org.apache.polaris:polaris-core is a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure. Affected versions of this package are...

CVSS 9.9 | AI score 5.8 | EPSS 0.00424
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-1934

Malicious code in bioql PyPI...

CVSS 7.1 | AI score 6.8 | EPSS 0.00412
Exploits: 0 | References: 2

Tenable Nessus
added 2025/09/02 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-0937

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nomad Community and Nomad Enterprise Nomad event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...

CVSS 7.1 | AI score 7 | EPSS 0.00412
Exploits: 0 | References: 2

Redos
added 2025/03/07 12:0 a.m. | 12 views

ROS-20250307-12

Nomad application orchestrator vulnerability related to customization of wildcard namespace usage. Exploitation of the vulnerability could allow an attacker acting remotely to bypass ACL policy by allowing reads from other namespaces...

CVSS 7.1 | AI score 7.2 | EPSS 0.00412
Exploits: 0

NVD
added 2025/02/12 7:15 p.m. | 17 views

CVE-2025-0937

Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...

CVSS 7.1 | EPSS 0.00412
Exploits: 0 | References: 1

OSV
added 2025/02/12 7:15 p.m. | 5 views

CVE-2025-0937

Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...

CVSS 7.1 | AI score 6.8
Exploits: 0 | References: 1

OSV
added 2025/02/12 7:15 p.m. | 2 views

UBUNTU-CVE-2025-0937

Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...

CVSS 7.1 | AI score 5.8 | EPSS 0.00412
Exploits: 0 | References: 3

CVE
added 2025/02/12 6:59 p.m. | 71 views

CVE-2025-0937

Summary: CVE-2025-0937 affects Nomad Community and Nomad Enterprise. An event stream configured with a wildcard namespace can bypass ACL policy, allowing reads from other namespaces. What’s affected: Nomad’s event stream endpoint within Nomad Community and Nomad Enterprise. The underlying issue i...

CVSS 7.1 | AI score 7 | EPSS 0.00412
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/02/12 6:59 p.m. | 17 views

CVE-2025-0937 Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace

Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...

CVSS 7.1 | AI score 7 | EPSS 0.00412
Exploits: 0 | References: 1

Cvelist
added 2025/02/12 6:59 p.m. | 16 views

CVE-2025-0937 Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace

Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...

CVSS 7.1 | EPSS 0.00412
Exploits: 0 | References: 1

CISA KEV Catalog
added 2021/11/03 12:0 a.m. | 19 views

Apache Struts Remote Code Execution Vulnerability

Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the alwaysSelectFullNamespace option is true and the value isn't set for a result defined in underlying configurations and in same time, its upper package configuration have no or...

CVSS 9.3 | AI score 8.5 | EPSS 0.99993
In wild | Exploits: 41

OSV
added 2018/10/18 7:24 p.m. | 5 views

GHSA-CR6J-3JP9-RW65 Apache Struts vulnerable to remote command execution (RCE) due to improper input validation

Apache Struts contains a Remote Code Execution when using results with no namespace and its upper actions have no or wildcard namespace. The same flaw exists when using a url tag with no value, action set, and its upper actions have no or wildcard namespace...

CVSS 8.1 | AI score 7.2 | EPSS 0.99993
Exploits: 41 | References: 27

Broadcom
added 2018/08/23 12:0 a.m. | 10 views

BSA-2018-700

Security Advisory ID : BSA-2018-700 Component : Apache Struts 2 Revision : 1.0: Final Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace and in same time, its upper actions have no or wildcard namespace. Same...

CVSS 9.3 | AI score 8.8 | EPSS 0.99993
Exploits: 41