Rezultati pretraživanja za 'Proizvođač: apache'
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2023-49898 | 7.2 | In streampark, there is a project module that integrates Maven's compilation capability. However, there is no check on the compilation parameters of Maven. allowing attackers to insert commands for remote command execution, The prerequisite for a suc | 2024-01-05 20:00:50 | 2023-12-15 13:15:07 |
| CVE-2023-37544 | 7.5 | Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect to the /pingpong endpoint without authentication. This issue affects Apache Pulsar WebSocket Proxy: from 2.8.0 through 2.8.*, from 2.9.0 through 2.9 | 2024-01-04 18:52:01 | 2023-12-20 09:15:07 |
| CVE-2023-51467 | 9.8 | The vulnerability allows attackers to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF) | 2024-01-04 03:04:43 | 2023-12-26 15:15:08 |
| CVE-2023-50968 | 7.5 | Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations. The same uri can be operated to realize a SSRF attack also without authorizations. Users are recomme | 2024-01-04 03:01:53 | 2023-12-26 12:15:07 |
| CVE-2023-48291 | 4.3 | Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user | 2023-12-28 13:52:59 | 2023-12-21 10:15:36 |
| CVE-2023-49920 | 6.5 | Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible for a malicious website opened in the same browser - by the user who also | 2023-12-28 13:49:22 | 2023-12-21 10:15:36 |
| CVE-2023-50783 | 6.5 | Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable. This flaw compromises the integrity of variable management, potentially leading to una | 2023-12-28 13:45:11 | 2023-12-21 10:15:36 |
| CVE-2021-39232 | 6.5 | In Apache Ozone versions prior to 1.2.0, certain admin related SCM commands can be executed by any authenticated users, not just by admins. | 2023-12-22 19:21:38 | 2021-11-19 10:15:08 |
| CVE-2021-39236 | 6.5 | In Apache Ozone before 1.2.0, Authenticated users with valid Ozone S3 credentials can create specific OM requests, impersonating any other user. | 2023-12-22 19:21:36 | 2021-11-19 10:15:08 |
| CVE-2021-39235 | 4.0 | In Apache Ozone before 1.2.0, Ozone Datanode doesn't check the access mode parameter of the block token. Authenticated users with valid READ block token can do any write operation on the same block. | 2023-12-22 19:21:34 | 2021-11-19 10:15:08 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/250
Zapisa po stranici: