Lucene search
+L

86 matches found

nvd
nvd
added 2026/07/06 9:16 a.m.13 views

CVE-2026-24014

Apache IoTDB DataNode’s internal RPC interface for creating Trigger instances uses the uploaded Trigger JAR name to build a file path without sufficient validation. If the internal DataNode RPC port is exposed to an untrusted network, an attacker may use path traversal sequences in the JAR name t...

9.8CVSS0.00509EPSS
Exploits0References2
nvd
nvd
added 2026/07/06 9:16 a.m.9 views

CVE-2026-24012

Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...

7.5CVSS0.00546EPSS
Exploits0References2
euvd
euvd
added 2026/07/06 8:38 a.m.6 views

EUVD-2026-41856

Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...

7.5CVSS6AI score0.00546EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/06 8:34 a.m.37 views

CVE-2026-24014 Apache IoTDB: Path Traversal in DataNode Internal RPC Trigger JAR Upload Allows Arbitrary File Write

Apache IoTDB DataNode’s internal RPC interface for creating Trigger instances uses the uploaded Trigger JAR name to build a file path without sufficient validation. If the internal DataNode RPC port is exposed to an untrusted network, an attacker may use path traversal sequences in the JAR name t...

0.00509EPSS
Exploits0References1
cve
cve
added 2026/07/06 8:34 a.m.17 views

CVE-2026-24014

CVE-2026-24014 — Apache IoTDB Path Traversal in DataNode Trigger JAR Upload : The issue arises in IoTDB’s DataNode internal RPC interface used to create Trigger instances. The JAR name is used to build a file path without sufficient validation, enabling path traversal if the RPC port is reachable...

9.8CVSS6AI score0.00509EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/07/06 8:34 a.m.6 views

CVE-2026-24014

Apache IoTDB DataNode’s internal RPC interface for creating Trigger instances uses the uploaded Trigger JAR name to build a file path without sufficient validation. If the internal DataNode RPC port is exposed to an untrusted network, an attacker may use path traversal sequences in the JAR name t...

6AI score0.00509EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.8 views

PT-2026-55880

Name of the Vulnerable Software and Affected Versions Apache IoTDB versions 1.3.3 through 2.0.7 Description The internal RPC interface of the Apache IoTDB DataNode used for creating Trigger instances fails to sufficiently validate the name of the uploaded Trigger JAR when constructing a file path...

9.8CVSS6AI score0.00509EPSS
Exploits0References15
euvd
euvd
added 2025/11/13 3:23 a.m.6 views

EUVD-2025-179391

Malicious code in data-node-sanitize-balance-optimize npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-27626

Malicious code in bioql PyPI...

7.5CVSS5.8AI score0.00678EPSS
Exploits0References2
ibm
ibm
added 2025/03/26 2:25 a.m.37 views

Security Bulletin: IBM QRadar SIEM is vulnerable to possible information disclosure (CVE-2022-22480)

Summary IBM QRadar SIEM is vulnerable to possible information disclosure due to data node rebalancing not functioning correctly. Vulnerability Details CVEID:CVE-2022-22480 DESCRIPTION: IBM QRadar SIEM data node rebalancing does not function correctly when using encrypted hosts which could result ...

7.5CVSS6AI score0.00678EPSS
Exploits0Affected Software1
susecve
susecve
added 2023/02/15 4:49 a.m.6 views

SUSE CVE-2017-6440

The parsedatanode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...

5CVSS6.4AI score0.00422EPSS
Exploits1References6
cnvd
cnvd
added 2022/10/10 12:0 a.m.30 views

IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2022-68281)

IBM QRadar SIEM is a solution from International Business Machines IBM that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...

7.5CVSS1.7AI score0.00678EPSS
Exploits0References1
osv
osv
added 2022/10/07 5:15 p.m.8 views

CVE-2022-22480

IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...

7.5CVSS5.8AI score0.00678EPSS
Exploits0References2
nvd
nvd
added 2022/10/07 5:15 p.m.28 views

CVE-2022-22480

IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...

7.5CVSS0.00678EPSS
Exploits0References2
prion
prion
added 2022/10/07 5:15 p.m.25 views

Information disclosure

IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...

5CVSS7AI score0.00678EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/10/07 5:0 p.m.35 views

CVE-2022-22480

IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...

5.3CVSS7.2AI score0.00678EPSS
Exploits0References2
cve
cve
added 2022/10/07 5:0 p.m.75 views

CVE-2022-22480

IBM QRadar SIEM is vulnerable to information disclosure caused by data node rebalancing not functioning correctly when encrypted hosts are used. Affected versions: QRadar 7.4.0–7.4.3 Fix Pack 6 and 7.5.0–7.5.0 Update Pack 2. Remediation: upgrade to QRadar 7.4.3 Fix Pack 7 and QRadar 7.5.0 Update ...

7.5CVSS7.1AI score0.00678EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2022/10/07 12:0 a.m.9 views

PT-2022-15460 · Ibm · Ibm Qradar Siem

Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM versions 7.4 through 7.5 Description: The issue is related to data node rebalancing in IBM QRadar SIEM when using encrypted hosts, which does not function correctly and could result in information disclosure. Recommendations:...

7.5CVSS5.3AI score0.00678EPSS
Exploits0References4
cnnvd
cnnvd
added 2022/10/06 12:0 a.m.7 views

IBM QRadar SIEM 安全漏洞

IBM QRadar SIEM is a solution from International Business Machines IBM that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...

7.5CVSS6.3AI score0.00678EPSS
Exploits0References4
attackerkb
attackerkb
added 2022/10/04 12:0 a.m.7 views

CVE-2022-22480

IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889...

7.5CVSS6.4AI score0.00678EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder