25 matches found
BIT-NIFI-2026-25903 Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...
CVE-2026-25903
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...
Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...
GHSA-C5W7-M8WF-XC77 Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...
Missing Authorization
Overview org.apache.nifi:nifi-web-api is a system to process and distribute data. Affected versions of this package are vulnerable to Missing Authorization when updating configuration properties on extension components with restricted permissions. An attacker can modify sensitive configuration...
CVE-2026-25903
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...
CVE-2026-25903
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...
CVE-2026-25903 Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...
CVE-2026-25903 Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates
Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to...
EUVD-2025-18638
Malicious code in bioql PyPI...
EUVD-2025-27491
Malicious code in bioql PyPI...
CVE-2025-23343
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering...
CVE-2025-23343
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering...
CVE-2025-23343
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering...
CVE-2025-23343
The CVE-2025-23343 entry concerns NVIDIA NVDebug tool. Affected component: NVDebug (path traversal vulnerability) that may allow an actor to write files to restricted components, potentially causing information disclosure, denial of service, and data tampering. Public sources (NVD/NVIDIA bulletin...
CVE-2025-23343
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering...
CVE-2025-23343
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering...
PT-2025-36971
Name of the Vulnerable Software and Affected Versions: NVIDIA NVDebug affected versions not specified Description: The NVIDIA NVDebug tool contains an issue that may allow an actor to write files to restricted components. A successful exploit of this issue may lead to information disclosure, deni...
Security Bulletin: NVIDIA NVDebug Tool - September 2025
NVIDIA has released a software update for NVIDIA® NVDebug tool to address the security issue that may lead to impacts described below. To protect your system, download and install the latest version of the NVDebug tool from the NVIDIA Developer Tools page. Go to NVIDIA Product Security. Details...
CVE-2025-23252
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to restricted components. A successful exploit of this vulnerability may lead to information disclosure...