6034 matches found
CVE-2024-10443
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via...
CVE-2024-10443
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via...
CVE-2024-10443
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via...
CVE-2024-10443
CVE-2024-10443 affects Synology BeePhotos (BeeStation OS) and Synology Photos on DSM 7.2. The flaw is Improper neutralization of special elements used in an OS command (OS command injection) in the Task Manager component. Affected versions include BeePhotos before 1.0.2-10026 and 1.1.0-10053, and...
CVE-2024-10443
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via...
Apache Airflow: Sensitive configuration values are not masked in the logs by default
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...
CVE-2024-45784
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...
CVE-2024-45784
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...
PYSEC-2024-182
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...
PYSEC-2024-182
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...
CVE-2024-45784
Summary (CVE-2024-45784): Apache Airflow versions before 2.10.3 may log sensitive configuration variables in task logs, risking exposure to unauthorized users. The underlying issue is that secrets were not masked in logging output. Version 2.10.3 and later mask secrets in task logs, mitigating th...
CVE-2024-45784 Apache Airflow: Sensitive configuration values are not masked in the logs by default
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...
CVE-2024-45784 Apache Airflow: Sensitive configuration values are not masked in the logs by default
Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentionally or intentionally log sensitive configuration variables. Unauthorized users could access these logs, potentially...
Apache Airflow 安全漏洞
Apache Airflow is an open source platform for creating, managing and monitoring workflows from the Apache USA Foundation. The platform is characterized by scalability and dynamic monitoring. A security vulnerability exists in Apache Airflow versions prior to 2.10.3 that stems from the possibility...
Synology BeePhotos 操作系统命令注入漏洞
Synology BeePhotos is a photo backup program from China-based Synology Inc. The operating system command injection vulnerability exists in Synology BeePhotos versions prior to 1.0.2-10026 and 1.1.0-10053, which stems from improper neutralization of a special element in the Task Manager component,...
PT-2024-35211 · Unknown · Do That Task
Name of the Vulnerable Software and Affected Versions: Do That Task versions 1.5.5 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the...
WordPress plugin Do That Task 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...
kernel: sched/deadline: Fix task_struct reference leak
A vulnerability was found in the Linux kernel's deadline scheduler in the enqueuetaskdl function, where the reference count is improperly decremented in certain situations, potentially causing a memory leak. This issue can lead to memory exhaustion over time...
Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs
Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager NTLM and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 202...
The vulnerability of the Task Scheduler in Windows operating systems allows a malicious individual to escalate their privileges.
The vulnerability of the Task Scheduler in Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to increase their privileges, provided that a specially crafted application is executed. Additionally, updates from...