Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/13 8:58 p.m.12 views

CVE-2023-37941

If an attacker gains write access to the Apache Superset metadata database, they could persist a specifically crafted Python object that may lead to remote code execution on Superset's web backend. The Superset metadata db is an 'internal' component that is typically only accessible directly by t...

6.6CVSS7.6AI score0.29226EPSS
Exploits2References4
Rapid7 Blog
Rapid7 Blog
added 2023/10/19 8:15 p.m.67 views

Metasploit Weekly Wrap-Up

That Privilege Escalation Escalated Quickly This release features a module leveraging CVE-2023-22515, a vulnerability in Atlassian’s on-premises Confluence Server first listed as a privilege escalation, but quickly recategorized as a “broken access control” with a CVSS score of 10. The exploit...

7.5CVSS9.5AI score0.99156EPSS
Exploits41
The Hacker News
The Hacker News
added 2023/09/07 11:2 a.m.97 views

Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update version 2.1.1 plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions...

9.8CVSS8.1AI score0.97405EPSS
Exploits20
Circl
Circl
added 2023/09/07 11:1 a.m.23 views

CVE-2023-37941

creationtimestamp| type| source ---|---|--- 2023-09-07 11:01:26+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8984 2023-09-07 13:31:34+00:00| seen| https://t.me/thehackernews/3838 2023-09-07 13:42:21+00:00| published-proof-of-concept|...

6.6CVSS7.1AI score0.29226EPSS
Exploits2References5
CVE
CVE
added 2023/09/06 1:6 p.m.115 views

CVE-2023-37941

CVE-2023-37941 affects Apache Superset where an attacker with write access to the metadata database can persist a crafted Python object to achieve remote code execution on the web backend. The vulnerability hinges on the metadata DB, an internal component, being accessible with significant privil...

6.6CVSS7.1AI score0.29226EPSS
In wildExploits2References2Affected Software1
Rows per page
Query Builder