Lucene search
K

7 matches found

Chainguard
Chainguard
added yesterday8 views

CVE-2023-45133 vulnerabilities

Vulnerabilities for packages: arangodb...

9.3CVSS6.7AI score0.0052EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-12797

Malware in sbrugna...

8.8CVSS8AI score0.0078EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-12795

Malware in sbrugna...

6.1CVSS6.3AI score0.0081EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:37 p.m.6 views

CVE-2021-25940

In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration. When a user’s password is changed by the administrator, the session isn’t invalidated, allowing a malicious user to still be logged in and perform arbitrary actions within the system...

8.8CVSS7AI score0.0078EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:27 p.m.8 views

CVE-2021-25938

In ArangoDB, versions v2.2.6.2 through v3.7.10 are vulnerable to Cross-Site Scripting XSS, since there is no validation of the .zip file name and filtering of potential abusive characters which zip files can be named to. There is no X-Frame-Options Header set, which makes it more susceptible for...

6.1CVSS5.7AI score0.0081EPSS
Exploits1References1
OSV
OSV
added 2025/03/10 8:12 a.m.6 views

BIT-ARANGODB-2021-25940 ArangoDB - Insufficient Session Expiration after Password Change

In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration. When a user’s password is changed by the administrator, the session isn’t invalidated, allowing a malicious user to still be logged in and perform arbitrary actions within the system...

8.8CVSS8.2AI score0.0078EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2021/11/16 9:25 a.m.4 views

CVE-2021-25940 ArangoDB - Insufficient Session Expiration after Password Change

In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration. When a user’s password is changed by the administrator, the session isn’t invalidated, allowing a malicious user to still be logged in and perform arbitrary actions within the system...

8.8CVSS7AI score0.0078EPSS
Exploits0References2
Rows per page
Query Builder