CVE-2026-40337 Sentry kernel has incomplete ownership check for IRQ line manipulation

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

CVE-2026-40337 Sentry kernel has incomplete ownership check for IRQ line manipulation

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

EUVD-2026-12566

Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop HITL endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...

CVE-2026-30911 Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization

Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop HITL endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...

CVE-2026-22922

Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this...

Apache Airflow Has an Authorization Bypass That Allows Unauthorized Task Log Access

Vulnerability Overview An authorization bypass vulnerability exists in Apache Airflow that allows authenticated users to access task execution logs without the required permissions. The Flaw The vulnerability affects environments using custom roles or granular permission settings. Normally, Airfl...

CVE-2026-22922

Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this...

CVE-2026-22922 Apache Airflow: Airflow externalLogUrl Permission Bypass

Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this...

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. Versions 3.1.0 to 3.1.6 of Apache Airflow contain securit...

EUVD-2022-3915

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-3283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10...

CVE-2023-27574

ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODESIGNINGINJECTBASEENTITLEMENTS...

CVE-2022-22481

IBM Navigator for i 7.2, 7.3, and 7.4 heritage version could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks...

RSA Archer 安全漏洞

RSA Archer is an enterprise IT governance and compliance governance product from RSA UK, including policy, risk and compliance definition and management. It is able to aggregate all our enterprise assets, as well as some of the monitored information all together, organized on top of a unified...

HashiCorp Nomad and Nomad Enterprise up to Security Breach

Hashicorp Nomad and Hashicorp Nomad Enterprise are both products of Hashicorp, Inc.Hashicorp Nomad is a distributed, data center-aware cluster and application scheduler. It supports the deployment of microservices, batch, containerized and non-containerized applications.Hashicorp Nomad Enterprise...

PT-2021-19961 · Hashicorp · Nomad Enterprise +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions prior to 0.12.10 HashiCorp Nomad and Nomad Enterprise versions prior to 1.0.3 Description: The issue is related to improper privilege management, allowing exec and java task drivers to access...

Unspecified Vulnerability in Avast Antivirus (CNVD-2020-22019)

Avast Antivirus is a suite of antivirus software from the Czech company Avast. A security vulnerability exists in the aswTask RPC endpoint of the TaskEx library in Avast Service AvastSvc.exe in versions prior to Avast Antivirus 20. An attacker can exploit the vulnerability to bypass access...