CVE-2022-38649 - OS Command Injection Vulnerability in Apache Airflow Pinot Provider – Explained
In August 2022, a critical security issue was discovered in the Apache Airflow Pinot Provider. Labeled CVE-2022-38649, this vulnerability exposes Apache Airflow users to OS
CVE-2022-40189 - OS Command Injection in Apache Airflow Pig Provider – What You Need to Know
Apache Airflow is one of the most popular workflow management systems in data engineering and machine learning pipelines. It supports various providers to interact with
CVE-2022-44784 - Remote Arbitrary Service Creation & Code Execution in Appalti & Contratti (LFS / DL229) via Exposed Axis AdminService
In 2022, a critical vulnerability was discovered in Appalti & Contratti version 9.12.2, within its widely used web applications LFS and DL229. The
CVE-2022-45470 - How Missing Input Validation in Apache Hama Leads to Information Disclosure (Path Traversal & XSS Explained)
In late 2022, a significant vulnerability CVE-2022-45470 was discovered in Apache Hama. This issue is particularly interesting because it revolves around classic web security pitfalls:
CVE-2022-43162 The id parameter of the NVDLMS v1.0 SQL injection vulnerability was found at /tests/view_test.php.
An attacker can exploit this vulnerability to execute arbitrary SQL commands with root privileges. This may lead to the compromise of the affected site. An