DataEase 安全漏洞

DataEase is an open source data visualization and analysis tool. It is used to help users quickly analyze data and gain insights into business trends for business improvement and optimization. A security vulnerability exists in versions prior to DataEase v1.18.7 that stems from the vulnerability ...

Authentication Bypass

github.com/KubeOperator/KubeOperator is vulnerable to Authentication Bypass. The vulnerability exists because the V1 function of v1api.go does not properly handle the online application routing permissions, allowing an attacker to bypass the system's preset permission settings to access some API...

Improper Access Control

github.com/kubeoperator/kubepi is vulnerable to Improper Access Control. A remote attacker is able to bypass the system's preset permission settings to access restricted API interfaces which leak sensitive user information. The vulnerability also impacts how online applications handle routing...

PT-2023-18530 · Kubepi · Kubepi

Name of the Vulnerable Software and Affected Versions: KubePi versions prior to 1.6.4 Description: The issue allows unauthorized access to system API interfaces, potentially leaking sensitive information. This is due to a flaw in how online applications handle routing permissions. There are no...

Duplicate of ./go/github.com/KubeOperator/KubePi/CVE-2023-22478.yml

API interfaces with unauthorized access will leak sensitive information via /kubepi/api/v1/systems/operation/logs/search and /kubepi/api/v1/systems/login/logs/search...

Vulnerability of the API interfaces of Google Chrome and Microsoft Edge browsers, allowing attackers to execute arbitrary code

The vulnerability of Google Chrome and Microsoft Edge browser APIs is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...

The vulnerability relates to the set of own API interfaces of the Windows Runtime operating systems developed by Microsoft. This vulnerability allows a perpetrator to increase their privileges.

The vulnerability related to the collection of custom API interfaces in Microsoft Windows Runtime operating systems stems from improper handling of objects in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

The vulnerability relates to the set of own API interfaces of the Windows Runtime operating systems developed by Microsoft. This vulnerability allows a perpetrator to increase their privileges.

The vulnerability related to the collection of custom API interfaces in Microsoft Windows Runtime operating systems stems from improper handling of objects in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...