Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:40 a.m.9 views

CVE-2023-39265

Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...

6.5CVSS6.9AI score0.83716EPSS
Exploits2
The Hacker News
The Hacker News
added 2023/09/07 11:2 a.m.96 views

Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update version 2.1.1 plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions...

9.8CVSS8.1AI score0.97405EPSS
Exploits20
Circl
Circl
added 2023/09/07 11:1 a.m.15 views

CVE-2023-39265

creationtimestamp| type| source ---|---|--- 2023-09-07 11:01:26+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8984 2023-09-07 13:31:34+00:00| seen| https://t.me/thehackernews/3838 2023-09-07 13:42:21+00:00| published-proof-of-concept|...

6.5CVSS7.2AI score0.83716EPSS
Exploits2References5
NVD
NVD
added 2023/09/06 2:15 p.m.38 views

CVE-2023-39265

Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...

6.5CVSS5AI score0.83716EPSS
Exploits2References2
OSV
OSV
added 2023/09/06 1:0 p.m.25 views

CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections

Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...

3.8CVSS6.7AI score0.83716EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2023/09/06 1:0 p.m.19 views

CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections

Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...

3.8CVSS6.9AI score0.83716EPSS
Exploits2References2
Cvelist
Cvelist
added 2023/09/06 1:0 p.m.45 views

CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections

Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...

3.8CVSS6.9AI score0.83716EPSS
Exploits2References2
Rows per page
Query Builder