Lucene search
+L

13 matches found

Nuclei
Nuclei
added 2026/07/11 12:22 a.m.119 views

Apache Airflow <=1.10.10 - Remote Code Execution

Apache Airflow versions 1.10.10 and below are vulnerable to remote code/command injection vulnerabilities in one of the example DAGs shipped with Airflow. This could allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending on the executor in us...

8.8CVSS7.2AI score0.99118EPSS
Exploits9References5
Gitee
Gitee
added 2025/09/06 12:42 p.m.110 views

Exploit for OS Command Injection in Apache Airflow

This is a proof-of-concept PoC exploit for CVE-2020-11978, a remote code execution RCE vulnerability in Apache Airflow's example DAGs. The exploit targets Airflow versions less than 1.10.11 and allows an attacker to execute arbitrary commands on the system. The exploit uses the Airflow Experiment...

8.8CVSS9.6AI score0.99118EPSS
Exploits9
Packet Storm
Packet Storm
added 2023/09/19 12:0 a.m.629 views

Apache Airflow 1.10.10 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Airflow 1.10.10 - Example DAG Remote Code Execution', 'Description' = %q This module exploits an unauthenticated command injection...

9.8CVSS7.1AI score0.9967EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2022/06/13 12:0 a.m.56 views

Apache Airflow < 1.10.11 Multiple Vulnerabilities

The version of Apache Airflow is prior to 1.10.11. It is, therefore, affected by multiple vulnerabilities, including the following: - An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attacker can connect to the broker Redis, RabbitMQ directly, it i...

9.8CVSS8AI score0.9967EPSS
Exploits11References9
Check Point Advisories
Check Point Advisories
added 2021/06/16 12:0 a.m.26 views

Apache Airflow Command Injection (CVE-2020-11978; CVE-2020-13927)

A command injection vulnerability exists in Apache Airflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.4AI score0.9967EPSS
Exploits10
Circl
Circl
added 2021/06/03 12:39 a.m.20 views

CVE-2020-11978

creationtimestamp| type| source ---|---|--- 2021-06-03 00:39:25+00:00| seen| https://t.me/pwnwikizhchannel/579 2023-06-14 21:10:04+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-09-18 22:16:38+00:00| seen|...

8.8CVSS7.3AI score0.99118EPSS
In wildExploits9References8
Packet Storm
Packet Storm
added 2021/06/02 12:0 a.m.348 views

Apache Airflow 1.10.10 Remote Code Execution

Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Date: 2021-06-02 Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker...

7.5CVSS0.2AI score0.9967EPSS
Exploits10
0day.today
0day.today
added 2021/06/02 12:0 a.m.148 views

Apache Airflow 1.10.10 - (Example Dag) Remote Code Execution Exploit

Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker apache/airflow:1.10 .10...

9.8CVSS9.3AI score0.9967EPSS
Exploits10
Exploit DB
Exploit DB
added 2021/06/02 12:0 a.m.680 views

Apache Airflow 1.10.10 - &#039;Example Dag&#039; Remote Code Execution

Exploit Title: Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution Date: 2021-06-02 Exploit Author: Pepe Berba Vendor Homepage: https://airflow.apache.org/ Software Link: https://airflow.apache.org/docs/apache-airflow/stable/installation.html Version: = 1.10.10 Tested on: Docker...

9.8CVSS9.3AI score0.9967EPSS
Exploits10
GithubExploit
GithubExploit
added 2021/05/22 3:58 p.m.371 views

Exploit for OS Command Injection in Apache Airflow

CVE-2020-11978: Remote code execution in Apache Airflow's Exa...

9.8CVSS9.7AI score0.9967EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2020/08/12 12:0 a.m.14 views

Fedora 31 : virtualbox-guest-additions (2020-dbf6c6f22f)

New upstream release Overview of fixed security issues: https://www.oracle.com/security-alerts/cpujul2020.htmlAppendixOVIR Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean...

5.4AI score
Exploits0References1
OSV
OSV
added 2020/07/17 12:15 a.m.9 views

CVE-2020-11978

An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending o...

8.8CVSS8.8AI score0.99118EPSS
Exploits9References4
CVE
CVE
added 2020/07/16 12:0 a.m.1111 views

CVE-2020-11978

Apache Airflow CVE-2020-11978 affects Airflow 1.10.10 and earlier in one of the shipped example DAGs, enabling remote command execution. The root cause is a command-injection vulnerability in the example DAGs, which could allow an authenticated user to run arbitrary commands as the user running t...

8.8CVSS9.1AI score0.99118EPSS
In wildExploits9References4Affected Software1
Rows per page
Query Builder