SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended…

Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an unauthorized actor to gain access to sensitive information in Connection edit view.…

Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by…

Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to cause a service disruption by manipulating the run_id parameter. This…

In bluetooth service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed. Zafiyet ile…

In bluetooth service, there is a possible out of bounds write due to race condition. This could lead to local denial of service with System…

Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through…

The Ocean Extra plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.5]. This is due to missing or…

The Top 10 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.10.4. This is due to missing or…

The Defender Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.6. This is due to missing or…