Apache Superset <=1.3.2 - Default Login
Apache Superset through 1.3.2 contains a default login vulnerability via registered database connections for authenticated users. An attacker can obtain access to user accounts and thereby obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-44451 info:...
Apache Superset < 4.0.2 - SQL Injection
An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new...
Apache Superset - Authentication Bypass
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset...
GHSA-JQ35-7PRP-9V3F vulnerabilities
Vulnerabilities for packages: openstack-placement-2025.1, litellm, openstack-placement-2025.2-fips, openstack-glance-2025.2-fips, openstack-placement-2025.2, wazuh-manager-fips, kserve, openstack-horizon-2025.2-fips, openstack-glance-2026.1-fips, openstack-glance-2025.1-fips,...
CVE-2026-48523 vulnerabilities
Vulnerabilities for packages: openstack-placement-2025.1, litellm, openstack-placement-2025.2-fips, openstack-glance-2025.2-fips, openstack-placement-2025.2, wazuh-manager-fips, kserve, openstack-horizon-2025.2-fips, openstack-glance-2026.1-fips, openstack-glance-2025.1-fips,...
GHSA-FHV5-28VV-H8M8 vulnerabilities
Vulnerabilities for packages: openstack-placement-2025.1, litellm, openstack-placement-2025.2-fips, openstack-glance-2025.2-fips, openstack-placement-2025.2, wazuh-manager-fips, kserve, openstack-horizon-2025.2-fips, openstack-glance-2026.1-fips, openstack-glance-2025.1-fips,...
CVE-2026-48526 vulnerabilities
Vulnerabilities for packages: openstack-placement-2025.1, litellm, openstack-placement-2025.2-fips, openstack-glance-2025.2-fips, openstack-placement-2025.2, wazuh-manager-fips, kserve, openstack-horizon-2025.2-fips, openstack-glance-2026.1-fips, openstack-glance-2025.1-fips,...
CVE-2026-48524 vulnerabilities
Vulnerabilities for packages: openstack-placement-2025.1, litellm, openstack-placement-2025.2-fips, openstack-glance-2025.2-fips, openstack-placement-2025.2, wazuh-manager-fips, kserve, openstack-horizon-2025.2-fips, openstack-glance-2026.1-fips, openstack-glance-2025.1-fips,...
CVE-2026-48525 vulnerabilities
Vulnerabilities for packages: openstack-placement-2025.1, litellm, openstack-placement-2025.2-fips, openstack-glance-2025.2-fips, openstack-placement-2025.2, wazuh-manager-fips, kserve, openstack-horizon-2025.2-fips, openstack-glance-2026.1-fips, openstack-glance-2025.1-fips,...
GHSA-W7VC-732C-9M39 vulnerabilities
Vulnerabilities for packages: openstack-placement-2025.1, litellm, openstack-placement-2025.2-fips, openstack-glance-2025.2-fips, openstack-placement-2025.2, wazuh-manager-fips, kserve, openstack-horizon-2025.2-fips, openstack-glance-2026.1-fips, openstack-glance-2025.1-fips,...
GHSA-XGMM-8J9V-C9WX vulnerabilities
Vulnerabilities for packages: openstack-placement-2025.1, litellm, openstack-placement-2025.2-fips, openstack-glance-2025.2-fips, openstack-placement-2025.2, wazuh-manager-fips, kserve, openstack-horizon-2025.2-fips, openstack-glance-2026.1-fips, openstack-glance-2025.1-fips,...
SUSE CVE-2026-34043
Serialize JavaScript to a superset of JSON that includes regular expressions and functions. Prior to version 7.0.5, there is a Denial of Service (DoS) vulnerability caused by CPU exhaustion. When serializing a specially crafted "array-like" object, an object that inherits from Array.prototype but ha...
CVE-2026-41205 vulnerabilities
Vulnerabilities for packages: mlflow, jupyter-base-notebook, prefect-fips, airflow-core, airflow, dagster-fips, superset, pgadmin4-fips, nemo, dagster, open-webui...
CVE-2026-41205 vulnerabilities
Vulnerabilities for packages: jupyter-base-notebook, mlflow, airflow, open-webui, superset...
GHSA-WJX4-4JCJ-G98J vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, superset...
CVE-2026-42310 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, superset...
GHSA-R73J-PQJ5-W3X7 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, superset...
CVE-2026-42308 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, superset...
Exploit for SQL Injection in Apache Superset
CVE-2026-23980 - Apache Superset Authenticated SQL Injection...
GHSA-FJ97-2V9X-W5M4 vulnerabilities
Vulnerabilities for packages: superset...