Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-23902

Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution. This issue affects Apache DolphinScheduler versions prior to 3.4.1. Users are recommended to...

8.1CVSS5.5AI score0.00446EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/24 12:30 p.m.14 views

Apache DolphinScheduler has an Incorrect Authorization Vulnerability

Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution. This issue affects Apache DolphinScheduler versions prior to 3.4.1. Users are recommended to...

8.1CVSS5.8AI score0.00446EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/04/24 12:30 p.m.8 views

Incorrect Authorization

Overview org.apache.dolphinscheduler:dolphinscheduler-dao is an A visual DAG workflow scheduling system, dedicated to solving the complex dependencies in data processing. Affected versions of this package are vulnerable to Incorrect Authorization during workflow execution. An attacker can gain...

8.6CVSS5.8AI score0.00446EPSS
Exploits0References2
Snyk
Snyk
added 2022/06/24 10:17 a.m.0 views

Remote Code Execution (RCE)

Overview diffy is a Convenient diffing gem in ruby. Affected versions of this package are vulnerable to Remote Code Execution RCE. The function that calls the diff tool does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitra...

9.8CVSS8AI score0.01665EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2015/01/27 12:0 a.m.3 views

PT-2015-4325 · Pivotal +1 · Rabbitmq

Name of the Vulnerable Software and Affected Versions: RabbitMQ versions 2.1.0 through 3.4.x Description: A cross-site scripting XSS issue exists due to improper handling of the path info to "api/" in an error message, allowing remote attackers to inject arbitrary web script or HTML...

4.3CVSS6AI score0.02313EPSS
Exploits0References15
Rows per page
Query Builder