
1063 matches found

CVE
added 2024/10/28 3:10 p.m., 93 views

CVE-2024-47827

CVE-2024-47827 affects Argo Workflows (controller) where a race condition in a global variable in the 3.6.0-rc1 release can cause the controller to crash when a user with workflow execution access triggers a run. The issue is fixed in 3.6.0-rc2. Affected product: Argo Workflows (Kubernetes). Root...

5.7 CVSS, 5 AI score, 0.00345 EPSS
Exploits 0, References 4, Affected Software 1

OSV
added 2024/10/28 3:10 p.m., 16 views

CVE-2024-47827 Argo Workflows Controller: Denial of Service via malicious daemon Workflows

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This vulnerabili...

5.7 CVSS, 6 AI score, 0.00345 EPSS
Exploits 0, References 6

CNNVD
added 2024/10/28 12:0 a.m., 3 views

Argo Workflows Security Vulnerability

Argo Workflows is an open source container-native workflow engine for Kubernetes from the Argo project. A security vulnerability exists in Argo Workflows version 3.6.0-rc1, which stems from a race condition in a global variable that allows any user authorized to execute workflows to crash the arg...

5.7 CVSS, 6.1 AI score, 0.00345 EPSS
Exploits 0, References 5

Positive Technologies
added 2024/10/28 12:0 a.m., 3 views

PT-2024-32838

Name of the Vulnerable Software and Affected Versions Argo Workflows version 3.6.0-rc1 Description Due to a race condition in a global variable, the Argo Workflows controller can be made to crash on-command by any user with access to execute a workflow. This issue can be exploited by creating and...

9.9 CVSS, 7.6 AI score, 0.97781 EPSS
Exploits 20, References 75

CNNVD
added 2024/10/22 12:0 a.m., 2 views

Liferay Portal and Liferay DXP Security Vulnerability

Liferay Portal and Liferay DXP are both products of Liferay, Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

9 CVSS, 7.6 AI score, 0.00594 EPSS
Exploits 0, References 2

Wolfi
added 2024/10/11 5:27 p.m., 59 views

GHSA-GX9M-WHJM-85JF vulnerabilities

Vulnerabilities for packages: argo-workflows...

7.5 AI score
Exploits 0

Chainguard
added 2024/10/11 3:15 p.m., 10 views

CVE-2024-47875 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, argo-workflows...

10 CVSS, 6.6 AI score, 0.01093 EPSS
Exploits 2

Wolfi
added 2024/10/11 3:15 p.m., 107 views

CVE-2024-47875 vulnerabilities

Vulnerabilities for packages: argo-workflows...

10 CVSS, 7.1 AI score, 0.01093 EPSS
Exploits 2

NVD
added 2024/10/07 9:15 p.m., 26 views

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

6.5 CVSS, 0.00322 EPSS
Exploits 1, References 1

Vulnrichment
added 2024/10/07 12:0 a.m., 12 views

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

6.6 AI score, 0.00322 EPSS
Exploits 1, References 1

Cvelist
added 2024/10/07 12:0 a.m., 16 views

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

0.00322 EPSS
Exploits 1, References 1

CVE
added 2024/10/07 12:0 a.m., 43 views

CVE-2024-45919

CVE-2024-45919 affects Solvait 24.4.2. The vulnerability arises from a flaw in the /AssignToMe/SetAction endpoint where manipulating Request ID and Action Type can bypass approval workflows, enabling privilege escalation and potential access to sensitive data or fraudulent approvals. Connected so...

6.5 CVSS, 6.7 AI score, 0.00322 EPSS
Exploits 1, References 1, Affected Software 1

Chainguard
added 2024/10/04 8:31 p.m., 6 views

GHSA-PXG6-PF52-XH8X vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, sqlpad, vitess, kubeflow-centraldashboard, kubeflow-pipelines, jitsucom-jitsu, thingsboard, argo-workflows, opensearch-dashboards-fips, kibana...

5.8 AI score
Exploits 0

Chainguard
added 2024/10/04 8:15 p.m., 5 views

CVE-2024-47764 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, sqlpad, vitess, kubeflow-centraldashboard, kubeflow-pipelines, jitsucom-jitsu, thingsboard, argo-workflows, opensearch-dashboards-fips, kibana...

6.9 CVSS, 6.6 AI score, 0.00749 EPSS
Exploits 0

OSV
added 2024/09/23 9:15 p.m., 2 views

CVE-2024-8263

An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version 3.10.17, 3.11.15, 3.12.9, 3.13.4, and 3.14.1. Thi...

2.7 CVSS, 5.8 AI score, 0.00437 EPSS
Exploits 0, References 5

Positive Technologies
added 2024/09/23 12:0 a.m., 2 views

PT-2024-38898 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.10.17 GitHub Enterprise Server versions prior to 3.11.15 GitHub Enterprise Server versions prior to 3.12.9 GitHub Enterprise Server versions prior to 3.13.4 GitHub Enterprise Server versions prior ...

6.2 CVSS, 7.4 AI score, 0.00437 EPSS
Exploits 0, References 10

CNNVD
added 2024/09/23 12:0 a.m., 2 views

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stem...

6.2 CVSS, 6.8 AI score, 0.00437 EPSS
Exploits 0, References 6

CNVD
added 2024/09/20 12:0 a.m., 2 views

Unspecified Vulnerability in JetBrains YouTrack (CNVD-2025-16856)

JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, and is primarily geared towards team collaboration management, especially suitable for software development, human resources, marketing, and other scenarios. JetBrains YouTrack suffers from a securit...

4.3 CVSS, 6.8 AI score, 0.00325 EPSS
Exploits 0, References 1

OSV
added 2024/09/19 6:15 p.m., 2 views

CVE-2024-47159

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project...

4.3 CVSS, 5.8 AI score, 0.00325 EPSS
Exploits 0, References 1

NVD
added 2024/09/19 6:15 p.m., 16 views

CVE-2024-47159

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project...

4.3 CVSS, 0.00325 EPSS
Exploits 0, References 1