SUSE CVE-2022-21736

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

[SECURITY] Fedora 37 Update: redis-7.0.8-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium

Vulnerability analysis results in Orange Cyberdefenses' Security Navigator show that some vulnerabilities first discovered in 1999 are still found in networks today. This is concerning. Age of VOC findings Our Vulnerability Scans are performed on a recurring basis, which provides us the opportuni...

Open Redirect

apache-superset is vulnerable to Open Redirect. The vulnerability exists due to improper data validation in the library, allowing an attacker with update dataset permission to change a dataset link to an untrusted site and redirect to the malicious URLs by clicking on a specific dataset...

CVE-2022-43721

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

CVE-2022-43721

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

CVE-2022-43721

CVE-2022-43721 is an Open Redirect vulnerability in Apache Superset. An authenticated user with update datasets permission can alter a dataset’s link to point to an untrusted site, causing users to be redirected when clicking that dataset. Affected: Superset versions ≤ 1.5.2 and 2.0.0, per multip...

CVE-2022-43721 Apache Superset: Open Redirect Vulnerability

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

CVE-2022-43721 Apache Superset: Open Redirect Vulnerability

An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0...

PT-2023-14307 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions 1.5.2 and prior Apache Superset version 2.0.0 Description: An authenticated attacker with update datasets permission could change a dataset link to an untrusted site. Users could be redirected to this site when clicki...

Apache Superset 输入验证错误漏洞

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An input validation error vulnerability exists in Apache Superset versions 1.5.2 and earlier and 2.0.0, which originates from an authenticated attacker with update dataset privileges could change...

[SECURITY] Fedora 37 Update: redis-7.0.5-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

wikifaces 安全漏洞

wikifaces is a downloader of the Wikipedia "People" image dataset. A security vulnerability exists in wikifaces that stems from a code execution backdoor that allows third-party injection...

eziod 安全漏洞

eziod is simple image object dataset. A security vulnerability exists in eziod that originates from a code execution backdoor inserted by a third party...

GHSA-748R-5R8Q-273M Apache Superset allows authenticated users to access metadata they have no permission to

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics...

CVE-2021-37839

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics...

Design/Logic Flaw

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics...

CVE-2021-37839 Improper access to dataset metadata information

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics...

Apache Superset 访问控制错误漏洞

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from an Access Control Error vulnerability that stems from improper access restrictions. A remote attacker could exploit the vulnerability to bypass implemented security...

PT-2022-10673 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions up to 1.5.1 Description: The issue allows authenticated users to access metadata information related to datasets they have no permission on. This metadata includes the dataset name, columns, and metrics...