22 matches found
aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-62348 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...
aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38825 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...
aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-22237 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...
aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38822 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...
aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2024-38825 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...
aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-22240 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...
CVE-2019-16015
The CVE-2019-16015 affects Cisco Data Center Analytics Framework (DCAF) — specifically the web-based management interface. The issue is a reflected cross-site scripting (XSS) vulnerability caused by insufficient validation of user-supplied input. An unauthenticated, remote attacker could lure a u...
Cisco Data Center Analytics Framework Cross-Site Scripting Vulnerability
Cisco Data Center Analytics Framework DCAF is a set of data center analytics framework from Cisco. The Cisco Data Center Analytics Framework suffers from a cross-site scripting vulnerability that arises from the program's failure to adequately validate user-submitted input. A remote attacker coul...
Cisco Data Center Analytics Framework Cross-Site Request Forgery Vulnerability (CNVD-2018-05307)
Cisco Data Center Analytics Framework DCAF application is a set of data center analytics frameworks from the U.S. company Cisco Cisco. A cross-site request forgery vulnerability exists in the Cisco DCAF application, which can be exploited by a remote attacker to submit arbitrary requests and...
CVE-2018-0146
A vulnerability in the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to improper CSRF protection by the affected application. An attacker could...
CVE-2018-0145
A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface of an affected system. The vulnerability is due to...
CVE-2018-0146
The CVE-2018-0146 entry describes a cross-site request forgery (CSRF) vulnerability in the Cisco Data Center Analytics Framework (DCAF) application. An unauthenticated, remote attacker could induce a user to click a crafted link and submit arbitrary requests, enabling unauthorized actions on beha...
CVE-2018-0128
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due t...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is du...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due t...
CVE-2018-0128
Cisco Data Center Analytics Framework (DCAF) web-based management interface is affected by CVE-2018-0128, a stored cross-site scripting (XSS) vulnerability caused by insufficient validation of user-supplied input. An unauthenticated remote attacker could entice a user to click a crafted link, ena...
CVE-2018-0129
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is du...
CVE-2018-0129
CVE-2018-0129 is a reflected cross-site scripting (XSS) vulnerability in Cisco Data Center Analytics Framework (DCAF) web-based management interface. Unauthenticated, remote attacker could lure a user to click a crafted link, triggering arbitrary script execution in the user’s browser context or ...
Cisco Data Center Analytics Framework Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due t...
Cisco Data Center Analytics Framework Cross-Site Request Forgery Vulnerability
Cisco Data Center Analytics Framework DCAF is a set of data center analytics framework from Cisco. A cross-site request forgery vulnerability exists in Cisco DCAF version 1.4. A remote attacker could exploit this vulnerability to perform unauthorized operations...