4391 matches found
Apache Airflow security vulnerabilities
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...
PT-2026-45368
Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbash command="echo value: dag run.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...
WeSecure
No d...
CVE-2026-10177
A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file apidocs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-46842
...
cockpit security update
310.8-1.0.1 - Fixed cockpitwst selinux issue for tmpfs Orabug: 36013589 - Move update-motd out of cockpitwst context Orabug: 36013589 - Update documentation links Orabug: 34706402 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110 - Remove duplicate reference to server in...
CVE-2026-46007
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used for DMA, that is problematic. Use the high-level DMA...
[SECURITY] Fedora 43 Update: pie-1.4.4-1.fc43
PIE PHP Installer for Extensions. PIE can install an extension to any installed PHP version. A list of extensions that support PIE can be found on https://packagist.org/extensions. Documentation: /usr/share/doc/pie/docs/usage.md...
[SECURITY] Fedora 44 Update: pie-1.4.4-1.fc44
PIE PHP Installer for Extensions. PIE can install an extension to any installed PHP version. A list of extensions that support PIE can be found on https://packagist.org/extensions. Documentation: /usr/share/doc/pie/docs/usage.md...
[SECURITY] Fedora 44 Update: composer-2.9.8-1.fc44
Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...
Malicious code in loading-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 640bfe1e0b6627e78ec34ef2d97df0d5d29d912446883f284c15935cc8f6f996 Package advertises itself via a verbatim copy of pino's README, docs/, and index.d.ts TypeScript types and documentation are pino's, but index.js doe...
CVE-2026-9246
Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 throug...
CVE-2026-9248
Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write access to any vault to copy documentation and attachments from an entry in a vault they cannot access via a crafted save request. This issue affects : Devolutions Server 2026.1.6.0...
CVE-2026-9246
Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 throug...
EUVD-2026-31458
Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 throug...
CVE-2026-9246
CVE-2026-9246 : Improper access control in Devolutions Server’s entry documentation and attachment features allows an authenticated user with vault read access to retrieve documentation and attachments of sealed entries via a crafted API request. Affected: Devolutions Server 2026.1.6.0–2026.1.16....
CVE-2026-9246
Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of sealed entries via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 throug...
CVE-2026-9248
Authorization bypass in the entry duplication feature in Devolutions Server allows an authenticated user with write access to any vault to copy documentation and attachments from an entry in a vault they cannot access via a crafted save request. This issue affects : Devolutions Server 2026.1.6.0...
CVE-2026-9248
CVE-2026-9248 details an authorization bypass in Devolutions Server’s entry-duplication feature. An authenticated user with write access to any vault can craft a save request to copy documentation and attachments from an entry in a vault they cannot access. Affected versions include Devolutions S...
MINI-6H3V-6VC3-4286
Bulletin has no description...