10 matches found
CVE-2026-40501
Cherry Studio versions 1.2.2 through 1.9.12, fixed in commit 1518530, contain a remote code execution vulnerability in SearchService that allows remote attackers to execute arbitrary code by delivering malicious JavaScript through controlled search provider content loaded into an Electron...
CVE-2026-40501
Cherry Studio versions 1.2.2–1.9.12 contain a remote code execution vulnerability in the SearchService due to a nodeIntegration misconfiguration. When an Electron BrowserWindow is created with nodeIntegration enabled and contextIsolation disabled, control over search provider content (provided by...
EUVD-2026-44747
Cherry Studio versions 1.2.2 through 1.9.12, fixed in commit 1518530, contain a remote code execution vulnerability in SearchService that allows remote attackers to execute arbitrary code by delivering malicious JavaScript through controlled search provider content loaded into an Electron...
CVE-2026-43826 Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedded in the host URL
The OpenSearch logging provider, when configured with a host URL that embeds credentials for example https://user:[email protected]:9200, wrote the full host URL — including the embedded credentials — into task logs. Any user with task-log read permission could harvest the backend...
Apache Airflow 日志信息泄露漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. The Apache Airflow OpenSearch Provider has a vulnerabilit...
SUSE: Security Advisory (SUSE-SU-2024:2399-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2024:2399-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2399-1 advisory. Update to Firefox Extended Support Release 115.13.0 ESR MFSA 2024-30, bsc1226316: - CVE-2024-660...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2024:2371-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2371-1 advisory. Update to Firefox Extended Support Release 115.13.0 ESR MFSA 2024-30, bsc1226316: - CVE-2024-6600: Memory corruption in WebGL API -...
SUSE: Security Advisory (SUSE-SU-2024:2371-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2371-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.13.0 ESR MFSA 2024-30, bsc1226316: - CVE-2024-6600: Memory corruption in WebGL API - CVE-2024-6601: Race condition in permission assignment - CVE-2024-6602: Memory corruption in NSS -...