7 matches found
EUVD-2023-27718
Malicious code in bioql PyPI...
SUSE CVE-2017-5944
The dashboard subscription interface in Request Tracker RT 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name...
CVE-2023-23629 Metabase subject to Improper Privilege Management
Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...
CVE-2023-23629 Metabase subject to Improper Privilege Management
Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a...
CVE-2023-23628 Metabase subject to Exposure of Sensitive Information to an Unauthorized Actor
Metabase is an open source data analytics platform. Affected versions are subject to Exposure of Sensitive Information to an Unauthorized Actor. Sandboxed users shouldn't be able to view data about other Metabase users anywhere in the Metabase application. However, when a sandbox user views the...
PT-2023-19088 · Metabase · Metabase
Name of the Vulnerable Software and Affected Versions: Metabase versions prior to 0.43.7.1 Metabase versions prior to 1.43.7.1 Metabase versions prior to 0.44.6.1 Metabase versions prior to 1.44.6.1 Metabase versions prior to 0.45.2.1 Metabase versions prior to 1.45.2.1 Description: Metabase is a...
UBUNTU-CVE-2017-5944
The dashboard subscription interface in Request Tracker RT 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 might allow remote authenticated users with certain privileges to execute arbitrary code via a crafted saved search name...