Lucene search
K

166 matches found

CNVD
CNVD
added 2023/11/30 12:0 a.m.20 views

Apache Superset Information Disclosure Vulnerability (CNVD-2023-9666229)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An information disclosure vulnerability exists in Apache Superset versions prior to 3.0.0, which stems from the application's inadequate protection of sensitive information and can be exploited b...

4.3CVSS6AI score0.01009EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/30 12:0 a.m.43 views

Apache Superset Input Validation Error Vulnerability (CNVD-2023-9666130)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An input validation error vulnerability exists in Apache Superset versions prior to 3.0.0. The vulnerability stems from the presence of improper input validation, which can be exploited by an...

5.4CVSS5.1AI score0.00823EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/30 12:0 a.m.20 views

Apache NiFi cross-site scripting vulnerability (CNVD-2023-9665850)

Apache NiFi is a data processing and distribution system from the Apache USA Foundation. The system is primarily used for data routing, transformation and system intermediary logic. Apache NiFi suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and...

7.9CVSS5.9AI score0.01212EPSS
Exploits0References1
CNVD
CNVD
added 2023/10/19 12:0 a.m.522 views

Apache HTTP Server Buffer Overflow Vulnerability (CNVD-2023-80558)

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A buffer overflow vulnerability exists in Apache HTTP Server version 2.4.54 and earlier. An attacker can exploit this vulnerabilit...

7.5CVSS6.9AI score0.03546EPSS
Exploits0References1
CNVD
CNVD
added 2023/09/25 12:0 a.m.22 views

Apache Airflow Authorization Problem Vulnerability (CNVD-2023-72233)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow versions prior to 2.7.1 have an authorization issue vulnerability th...

4.3CVSS7AI score0.01305EPSS
Exploits0References1
CNVD
CNVD
added 2023/09/20 12:0 a.m.17 views

Apache Airflow Information Disclosure Vulnerability (CNVD-2023-72235)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An information disclosure vulnerability exists in Apache Airflow versions prior to...

6.5CVSS5.9AI score0.01476EPSS
Exploits0References1
CNVD
CNVD
added 2023/09/11 12:0 a.m.38 views

Apache Superset REST API Authorization Issues Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset version 2.1.0 and prior versions suffer from an authorization issue vulnerability that stems from incorrect REST API permissions. An attacker can exploit this vulnerability to cau...

5.4CVSS6.8AI score0.00806EPSS
Exploits0References1
CNVD
CNVD
added 2023/08/19 12:0 a.m.15 views

Apache Airflow Information Disclosure Vulnerability (CNVD-2023-85617)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An information disclosure vulnerability exists in Apache Airflow Spark Provider...

7.5CVSS6.3AI score0.01667EPSS
Exploits0References1
CNVD
CNVD
added 2023/08/15 12:0 a.m.19 views

Apache Airflow Input Validation Error Vulnerability (CNVD-2023-67067)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An input validation error vulnerability exists in Apache Airflow Drill Provider...

5CVSS6.6AI score0.01776EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2023/07/14 12:0 a.m.12 views

Apache Airflow Security Bypass Vulnerability

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security bypass vulnerability exists in Apache Airflow versions prior to 2.6.3,...

6.5CVSS6.8AI score0.01076EPSS
Exploits0References1
CNVD
CNVD
added 2023/07/07 12:0 a.m.15 views

Apache Any23 Denial of Service Vulnerability

Apache Any23 is a library, web service, and command-line tool from the Apache Foundation USA. Apache Any23 suffers from a denial of service vulnerability due to a usage flaw in TikaEncodingDetector. An attacker could exploit this vulnerability to cause memory overuse...

6.5CVSS6.6AI score0.01484EPSS
Exploits0References1
CNVD
CNVD
added 2023/07/05 12:0 a.m.23 views

Apache Hive Provider Code Execution Vulnerability

Apache Airflow is a suite of open source platforms for creating, managing, and monitoring workflows from the Apache Foundation.The Apache Airflow Hive Provider is a toolkit for reading, writing, and managing large datasets in distributed storage using SQL. A code execution vulnerability exists in...

9.8CVSS8AI score0.02791EPSS
Exploits0References1
CNVD
CNVD
added 2023/06/21 12:0 a.m.20 views

Apache Airflow Information Disclosure Vulnerability (CNVD-2023-55401)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. Apache Airflow suffers from an information disclosure vulnerability, the source program is not sufficiently protected for sensitive information, which can be...

6.5CVSS6.2AI score0.01518EPSS
Exploits0References1
CNVD
CNVD
added 2023/05/30 12:0 a.m.33 views

Apache Sling Input Validation Error Vulnerability

Apache Sling is the United States Apache Apache Foundation of a Java platform for open source Web framework. Designed to comply with JSR-170 content repository such as Apache Jackrabbit to create content-centric applications. An input validation error vulnerability exists in Apache Sling Commons...

7.5CVSS6.7AI score0.02187EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2023/05/28 12:0 a.m.17 views

Apache InLong Weak Password Vulnerability

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. A security vulnerability exists in Apache InLong versions 1.1.0 through 1.6.0, which stems from an application that does not set a complexity requirement for user passwords, and can be...

9.8CVSS7AI score0.01233EPSS
Exploits0References1
CNVD
CNVD
added 2023/05/28 12:0 a.m.47 views

Apache Tomcat Denial of Service Vulnerability (CNVD-2023-42970)

Apache Tomcat is the United States Apache Apache Foundation, a lightweight Web application server. Apache Tomcat suffers from a denial of service vulnerability that stems from not properly handling incoming error messages, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.6AI score0.51547EPSS
Exploits1References1
CNVD
CNVD
added 2023/05/17 12:0 a.m.19 views

Apache OpenMeetings Code Execution Vulnerability

Apache OpenMeetings is a multilingual, customizable video conferencing and collaboration system from the Apache Foundation. The product supports audio, video and allows users to view each participant's desktop and more. A code execution vulnerability exists in Apache OpenMeetings versions 2.0.0...

7.2CVSS7.9AI score0.0147EPSS
Exploits0References1
CNVD
CNVD
added 2023/05/17 12:0 a.m.20 views

Apache OpenMeetings Information Disclosure Vulnerability

Apache OpenMeetings is a multi-language, customizable video conferencing and collaboration system from the Apache Foundation. The product supports audio, video and allows users to view each participant's desktop and more. A security vulnerability exists in Apache OpenMeetings versions 2.0.0 throu...

5.3CVSS6.4AI score0.01204EPSS
Exploits0References1
CNVD
CNVD
added 2023/05/10 12:0 a.m.24 views

Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2023-52700)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A cross-site scripting vulnerability exists in Apache Airflow versions prior to...

4.9CVSS6.3AI score0.01911EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2023/05/08 12:0 a.m.30 views

Apache Spark Command Injection Vulnerability (CNVD-2023-71729)

Apache Spark is a large-scale data processing engine that supports acyclic data streaming and in-memory computing from the Apache Foundation. Apache Spark suffers from a command injection vulnerability that stems from the fact that if ACLs are enabled, a code path in the HttpSecurityFilter can...

8.8CVSS8AI score0.92984EPSS
Exploits12References1
Rows per page
Query Builder