23 matches found
EUVD-2021-13990
Malware in sbrugna...
EUVD-2020-29665
Malware in sbrugna...
EUVD-2018-2802
Malware in sbrugna...
EUVD-2023-56414
Malicious code in bioql PyPI...
CVE-2023-51717
Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass...
CVE-2021-27225
In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users who have coding permissions to read and overwrite notebooks in projects that they are not authorized to access...
CVE-2023-51717
Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass...
Authentication flaw
Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass...
Dataiku DSS Security Vulnerability
Dataiku DSS is a machine collaboration platform from Dataiku, Inc. A security vulnerability exists in Dataiku DSS versions prior to 11.4.5 and 12.4.1 that stems from having incorrect access control and could lead to a complete bypass of authentication...
CVE-2023-51717
Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass...
CVE-2023-24045
In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request...
CVE-2021-27225
In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users who have coding permissions to read and overwrite notebooks in projects that they are not authorized to access...
Improper access control
In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users who have coding permissions to read and overwrite notebooks in projects that they are not authorized to access...
CVE-2021-27225
In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users who have coding permissions to read and overwrite notebooks in projects that they are not authorized to access...
CVE-2020-8817
Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata...
CVE-2020-8817
Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata...
Design/Logic Flaw
Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata...
CVE-2020-8817
Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata...
CVE-2020-8817
CVE-2020-8817 affects Dataiku DSS prior to 6.0.5. The issue lets an attacker with access to a project modify the project’s Created by metadata (write access to the project). CVSS vectors indicate high impact for confidentiality and integrity (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N; base 8.1). No exp...
Dataiku DSS Information Disclosure Vulnerability
Dataiku DSS is a data processing collaboration platform. the REST API is one of the APIs that supports lightweight REST style web scripts. A security vulnerability exists in the REST API in Dataiku DSS versions prior to 4.2.3. A remote attacker could exploit the vulnerability to obtain sensitive...