6032 matches found

Positive Technologies
added 2023/11/13 12:0 a.m. · 6 views

PT-2023-30687 · Unknown · Dreamer Cms

Name of the Vulnerable Software and Affected Versions: Dreamer CMS version 4.1.3
Description: The issue is related to a Cross-Site Request Forgery (CSRF) in the /admin/task/run component. This allows for unauthorized actions to be performed on behalf of an authenticated user.
Recommendations: For...

CVSS 8.8 · AI score 6.5 · EPSS 0.00364
Exploits 1 · References 5

CVE
added 2023/11/13 12:0 a.m. · 68 views

CVE-2023-48058

Dreamer CMS and related records: CVE-2023-48058 is a CSRF vulnerability affecting Dreamer CMS v4.1.3, involving the /admin/task/run component. The vulnerability allows unauthorized actions to be performed by an authenticated user (high impact: confidentiality, integrity, and availability all rated High). Publi...

CVSS 8.8 · AI score 8.8 · EPSS 0.00364
Exploits 1 · References 1 · Affected Software 1

CNNVD
added 2023/11/13 12:0 a.m. · 4 views

Dreamer CMS Security Vulnerability

Dreamer CMS is a Dreamer Content Management System by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS version 4.1.3, which stems from a cross-site request forgery (CSRF) vulnerability in component /admin/task/run...

CVSS 8.8 · AI score 6.8 · EPSS 0.00364
Exploits 1 · References 2

OSV
added 2023/11/12 3:30 p.m. · 3 views

GHSA-R7X6-XFCM-3MXV Apache Airflow vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. This is a different issue than CVE-2023-42663 but leads to a similar outcome. Users of Apache Airflow are...

CVSS 7.1 · AI score 6.6 · EPSS 0.01657
Exploits 0 · References 7

OSV
added 2023/11/12 2:15 p.m. · 3 views

PYSEC-2023-231

Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. This is a different issue than CVE-2023-42663 but leads to a similar outcome. Users of Apache Airflow are...

CVSS 6.5 · AI score 6.6 · EPSS 0.01657
Exploits 0 · References 3

Prion
added 2023/11/12 2:15 p.m. · 24 views

Security feature bypass

Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. This is a different issue than CVE-2023-42663 but leads to a similar outcome. Users of Apache Airflow are...

CVSS 4 · AI score 6.2 · EPSS 0.01657
Exploits 0 · References 3 · Affected Software 1

PyPA
added 2023/11/12 2:15 p.m. · 7 views

PYSEC-2023-231

Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. This is a different issue than CVE-2023-42663 but leads to a similar outcome. Users of Apache Airflow are...

CVSS 6.5 · AI score 6.6 · EPSS 0.01657
Exploits 0 · References 3 · Affected Software 1

Cvelist
added 2023/11/12 1:14 p.m. · 19 views

CVE-2023-42781 Apache Airflow: Permission verification bypass allows viewing dagruns of other dags

Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. This is a different issue than CVE-2023-42663 but leads to a similar outcome. Users of Apache Airflow are...

AI score 6.4 · EPSS 0.01657
Exploits 0 · References 3

CVE
added 2023/11/12 1:14 p.m. · 83 views

CVE-2023-42781

CVE-2023-42781 affects Apache Airflow versions before 2.7.3. The issue allows an authorized user (with access to read specific DAGs) to view information about task instances in other DAGs. This is a cross-DAG information disclosure vulnerability rather than a code execution flaw. Mitigati...

CVSS 6.5 · AI score 6.2 · EPSS 0.01657
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2023/11/12 12:0 a.m. · 6 views

PT-2023-6909 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.7.3
Description: The issue is related to insufficient protection of internal data in Apache Airflow, allowing an authorized user with limited access to read specific DAGs to also read information about task...

CVSS 7.1 · AI score 6 · EPSS 0.01657
Exploits 0 · References 14

OSV
added 2023/11/09 1:15 a.m. · 30 views

CVE-2023-20902

A timing condition in Harbor 2.6.x and below, Harbor 2.7.2 and below, Harbor 2.8.2 and below, and Harbor 1.10.17 and below allows an attacker with network access to create jobs/stop job tasks and retrieve job task information...

CVSS 6.5 · AI score 6.7
Exploits 0 · References 1

Citrix
added 2023/11/09 12:0 a.m. · 9 views

Citrix MCS may take several hours to delete failed tasks

Citrix MCS may take several hours to delete failed VM creation tasks...

AI score 7
Exploits 0

CNNVD
added 2023/11/09 12:0 a.m. · 4 views

Harbor Competitive Conditions Issue Vulnerability

Harbor is an open source registry from Harbor Open Source. It protects artifacts with policies and role-based access control, ensures images are scanned and free of vulnerabilities, and signs images as trusted. A security vulnerability exists in Harbor version 2.6.x and earlier, version 2.7.2 and...

CVSS 6.5 · AI score 6.7 · EPSS 0.00373
Exploits 1 · References 2

NVD
added 2023/11/08 8:15 a.m. · 17 views

CVE-2023-41112

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123. A buffer copy, without checking the size of the input, can cause...

CVSS 7.5 · EPSS 0.0059
Exploits 0 · References 1

Prion
added 2023/11/08 8:15 a.m. · 22 views

Code injection

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123. A buffer copy, without checking the size of the input, can cause...

CVSS 5 · AI score 7.2 · EPSS 0.0059
Exploits 0 · References 1

Cvelist
added 2023/11/08 12:0 a.m. · 21 views

CVE-2023-41112

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123. A buffer copy, without checking the size of the input, can cause...

CVSS 7.1 · AI score 7.8 · EPSS 0.0059
Exploits 0 · References 1

Vulnrichment
added 2023/11/08 12:0 a.m. · 13 views

CVE-2023-41112

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123. A buffer copy, without checking the size of the input, can cause...

CVSS 7.1 · AI score 7.3 · EPSS 0.0059
Exploits 0 · References 1

CVE
added 2023/11/08 12:0 a.m. · 58 views

CVE-2023-41112

CVE-2023-41112 affects Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem families (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, plus Modem 5123/5300 and Auto T5123). Root cause: a buffer copy without input size validation in the RL...

CVSS 7.5 · AI score 7.5 · EPSS 0.0059
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2023/11/08 12:0 a.m. · 5 views

PT-2023-27795 · Samsung · Modem 5123 +15

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem versions Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123
Description: A buffer copy issue,...

CVSS 7.5 · AI score 7 · EPSS 0.0059
Exploits 0 · References 4

Cvelist
added 2023/11/08 12:0 a.m. · 27 views

CVE-2023-41111

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123. Improper handling of a length parameter inconsistency can cause...

CVSS 7.1 · AI score 7.7 · EPSS 0.0059
Exploits 0 · References 1