CVE-2025-66388

A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without the appropriate authorization. Users are recommended to upgrade to version 3.1.4, which fixes this...

SQL Injection

Overview apache-airflow-providers-common-sql is a Provider package apache-airflow-providers-common-sql for Apache Airflow Affected versions of this package are vulnerable to SQL Injection via the partitionclause parameter in SQLTableCheckOperator. An attacker can escalate privileges and execute...

CVE-2024-2448

An OS command injection vulnerability has been identified in LoadMaster. An authenticated UI user with any permission settings may be able to inject commands into a UI component using a shell command resulting in OS command injection...

Silver Peak Unity ECOSTM OS Command Injection Vulnerability

Silver Peak Systems EdgeConnect Software ECOS is a suite of software-defined, wide-area networking platforms from Silver Peak Systems, USA. The platform provides features such as path conditioning, application classification, routing and virtual WAN overlay. Silver Peak Unity ECOSTM suffers from ...