942 matches found
CVE-2026-57381
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Property Hive PropertyHive propertyhive allows Reflected XSS.This issue affects PropertyHive: from n/a through = 2.2.3...
CVE-2026-57381 WordPress PropertyHive plugin <= 2.2.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Property Hive PropertyHive propertyhive allows Reflected XSS.This issue affects PropertyHive: from n/a through = 2.2.3...
PYSEC-2026-1139 Apache Airflow Apache Hive Provider Improper Input Validation vulnerability
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxyuser option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updatin...
PYSEC-2026-772 OS Command Injection in Apache Airflow
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider...
PYSEC-2026-273 Apache Airflow Hive Provider Beeline remote code execution with Principal
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Apache Hive Provider: before 6.1.1. Before version 6.1.1 it was possible to bypass the security check to RCE via principal parameter. For this to be exploited it...
PYSEC-2026-272 Apache Airflow Hive Provider Improper Input Validation vulnerability
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...
PYSEC-2026-271 Apache Airflow Hive Provider vulnerable to code injection
Apache Software Foundation's Apache Airflow Hive Provider before 6.0.0 is vulnerable to improper control of generation of code...
PYSEC-2026-351 H2O Deserialization of Untrusted Data Vulnerability
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and POST /3/SaveToHiveTable, where user-controlled JDBC URLs are...
PYSEC-2026-274 Apache Airflow Hive Provider vulnerable to Command Injection
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider before 5.0.0...
ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +2498 more potentially affected by CVE-2026-46340 via io.netty:netty-transport-sctp (>=4.0.0.Beta1 <=4.1.134.Final)
io.netty:netty-transport-sctp MAVEN version =4.0.0.Beta1, =0.0.86, =0.0.86, =0.0.86, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.0.1, =2.0.24, =1.1.9, =0.0.1, =0.0.9 and more Source cves: CVE-2026-46340 Source advisory: OSV:GHSA-5XRH-QMMQ-W6CH...
ai.h2o:h2o-algos (=0.1.9), ai.h2o:h2o-app (=0.1.9) +2053 more potentially affected by CVE-2026-45536 via io.netty:netty-transport-native-kqueue (>=4.1.11.Final <=4.1.134.Final)
io.netty:netty-transport-native-kqueue MAVEN version =4.1.11.Final, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.1.0, =0.0.1, =2.4.0, =1.5.0, =3.0.0, =3.0.0, =3.0.1 and more Source cves: CVE-2026-45536 Source advisory: OSV:GHSA-W573-9FFJ-6FF9...
CVE-2025-59874
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2026-7824
An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" diagnostic mode is enabled, the application inadvertently records administrative credentials in plain text within the log files. An attacker with administrative access to the PaperCut Hive management...
CVE-2026-42729
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Property Hive PropertyHive propertyhive allows DOM-Based XSS.This issue affects PropertyHive: from n/a through = 2.2.2...
CVE-2025-59874
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2025-59874 HCL Hive Telco Observability is affected by a Required directives missing from the CSP .
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2025-59874 HCL Hive Telco Observability is affected by a Required directives missing from the CSP .
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2025-59874
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
HCL Hive Telco Observability 安全漏洞
HCL Hive Telco Observability is a telecommunications network observability platform developed by the Indian company HCL. There is a security vulnerability in HCL Hive Telco Observability, which stems from the lack of necessary CSP directives in the keycloak component of the web application. This...
Zafran vs Hive Pro: A Fair CTEM Comparison
CTEM coverage claims sound similar until teams compare how exposure evidence becomes action. A fair platform decision hinges on discovery, validation, intelligence, and the remediation model already in place. Comparing CTEM platforms now? Book a Hive Pro demo to assess integrated discovery,...