CVE-2020-17526

Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default config allows a malicious airflow user on site A where they log in normally, to access unauthorized Airflow Webserver on Site B through the session from Site A. This does not affect users who have...

EUVD-2024-51640

Malicious code in bioql PyPI...

GHSA-H7X8-JV97-FVVM Dagster Local File Inclusion vulnerability

Local File Inclusion in dagster.grpc.impl.getnotebookdata in Dagster 1.10.14 allows attackers with access to the gRPC server to read arbitrary files by supplying path traversal sequences in the notebookpath field of ExternalNotebookData requests, bypassing the intended extension-based check...

Dagster 路径遍历漏洞

Dagster is a Dagster open source orchestration platform for developing, producing and observing data assets. A security vulnerability exists in Dagster version 1.10.14, which stems from a path traversal sequence in the notebookpath field that can bypass extension-based checks and lead to the...

CVE-2024-13509

The WS Form LITE and PRO plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, and including, 1.10.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress plugin WP24 Domain Check 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Apache Airflow Webserver Unauthorized Access Vulnerability

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security vulnerability exists in Apache Airflow Webserver versions prior to 1.10....

Apache Airflow Webserver 安全漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security vulnerability exists in Apache Airflow Webserver versions prior to 1.10....

CentOS 7 : wireshark (CESA-2015:2393)

Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

Oracle Linux 7 : wireshark (ELSA-2015-2393)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2393 advisory. - Related: CVE-2015-6244 - Resolves: CVE-2015-3182 - Resolves: CVE-2015-6243 CVE-2015-6244 CVE-2015-6245 CVE-2015-6246 CVE-2015-6248 - Resolves:...

SUSE-SU-2015:1046-1 Security update for wireshark

Wireshark was updated to 1.10.14 to fix four security issues. The following vulnerabilities have been fixed: CVE-2015-3811: The WCP dissector could crash while decompressing data. wnpa-sec-2015-14 CVE-2015-3812: The X11 dissector could leak memory. wnpa-sec-2015-15 CVE-2015-3813: The packet...