Insertion of Sensitive Information into Log File

Overview apache-airflow-task-sdk is a The Apache Airflow Task SDK includes interfaces for Dag authors and Task execution logic for Python. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File which had masksecret applied. The DAG run logs UI exposes...

CVE-2026-4810

CVE-2026-4810 is a Code Injection and Missing Authentication vulnerability in Google Agent Development Kit (ADK) affecting Python OSS, Cloud Run, and GKE. Affected ADK versions range from 1.7.0 (and 2.0.0a1) through 1.28.1 (and 2.0.0a2), where an unauthenticated remote attacker can execute arbitr...

GHSA-479C-33WC-G2PG React Server Components have a Denial of Service Vulnerability

Impact A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack versions 19.0.0, 19.1.0 and 19.2.0. The vulnerability is triggered by sending specially crafted HTTP requests...

Linux Distros Unpatched Vulnerability : CVE-2026-27204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04, 41.0.4, and 42.0.0, Wasmtime's implementation of WASI host interfaces are...

EUVD-2022-41782

Malicious code in bioql PyPI...

SUSE CVE-2023-39913

Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue. The...

CVE-2024-55630

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Joplin's HTML sanitizer allows the name attribute to be specified. If name is set to the same value as an existing document property e.g. querySelector, that propert...

CVE-2022-31194

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowi...

Elastic Stack 7.9.0 and 6.8.12 Security Update

Elasticsearch field disclosure flaw ESA-2020-12 A field disclosure flaw was found in Elasticsearch when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This...

AMTELCO miSecureMessages Server insecurely authenticates clients

Overview AMTELCO miSecureMessages Server Release 6.2 performs weak authentication for access to user messages CWE-287. Description AMTELCO miSecureMessages Server Release 6.2 performs weak authentication for access to user messages. miSecureMessages authenticates client app XML requests for...