
4 matches found

OSV
added 2026/04/18 8:37 a.m., 6 views

BIT-AIRFLOW-2025-54550 Apache Airflow: RCE by race condition in example_xcom dag

The example example_xcom that was included in the Airflow documentation implemented an unsafe pattern of reading a value from XCom in a way that could be exploited to allow a UI user who had access to modify XComs to perform arbitrary execution of code on the worker. Since the UI users are already highly...

CVSS 8.1 | AI score 5.8 | EPSS 0.00579
Exploits: 0 | References: 4
Snyk
added 2022/06/23 9:26 a.m., 4 views

Malicious Package

Overview: example-data-fetching is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

CVSS 9.8 | AI score 7
Exploits: 0 | References: 3
exploitpack
added 2010/02/24 12:0 a.m., 12 views

OpenInferno OI.Blogs 1.0 - Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/38402/info
OpenInferno OI.Blogs is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to...

AI score 7.4
Exploits: 0
exploitpack
added 2009/04/27 12:0 a.m., 16 views

Invision Power Board (IP.Board) 3.0 - Multiple HTML Injection Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/34725/info
Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitiz...

AI score 7.6
Exploits: 0