4 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handling of messages from D-Bus peers. An attacker can exhaust system resources, cause application crashes, or spoof signals by sending messages with excessive Unix file...
Cross site request forgery (csrf)
A REST interface in Apache StreamPipes versions 0.69.0 to 0.91.0 was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The issue is resolved by upgrading to StreamPipes 0.92.0...
PT-2023-23347 · Apache · Apache Streampipes
Name of the Vulnerable Software and Affected Versions: Apache StreamPipes versions 0.69.0 through 0.91.0 Description: A REST interface in Apache StreamPipes was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond th...
PT-2022-22086 · Nocodb · Nocodb
Name of the Vulnerable Software and Affected Versions: NocoDB versions prior to 0.92.0 Description: The issue allows actors to cause a Denial of Service DoS by inserting large characters into the input field New Project on the create field via a crafted HTTP request. Recommendations: For versions...