BIT-AIRFLOW-2026-32228 Apache Airflow: Users with asset materialization permisssions could trigger Dags they had no access to

UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue...

Improper Encoding (Escaping Of Output)

Apache Airflow is vulnerable to Improper Encoding Escaping of Output. The vulnerability is due to the example DAG exampleinleteventextra.py allowing authenticated attackers with DAG trigger permissions to execute arbitrary commands...

Scientific Linux Security Update : postgresql and postgresql84 on SL5.x, SL6.x i386/x86_64 (20120521)

PostgreSQL is an advanced object-relational database management system DBMS. The pgdump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command. This SQL comma...

postgresql: Absent permission checks on trigger function to be called when creating a trigger

CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on...

SQL SERVER security risks--triggers-vulnerability warning-the black bar safety net

| This article is dedicated to the cross I of the development program teacher-XI'an ZHAOLONG of the week the teacher, and learning together AT2Q6101 of classmates. Trigger permissions and ownership CREATE TRIGGER permissions default to the definition of the trigger table owner, members of the...