Filter
-Infinity
0
Trending
pip/apache-supersetSQL injection vulnerability in chart data API
9.8
First published (updated )
pip/apache-supersetApache Superset: Improper SQL authorisation, parse not checking for specific engine functions
9.8
First published (updated )
Apache SupersetApache Superset Insecure Default Initialization of Resource Vulnerability
First published (updated )
pip/supersetVersions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize…
9.8
First published (updated )
pip/apache-supersetApache Superset: Stored XSS in Dashboard Title and Chart Title
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SupersetPossible SQL Injection when template processing is enabled
8.8
First published (updated )
Apache SupersetApache Superset: Cross Site Request Forgery (CSRF) on accept, request access API
8.8
First published (updated )
pip/apache-supersetApache Superset: Privilege escalation with default examples database
8.8
First published (updated )
pip/apache-supersetApache Superset: SQL Injection on where_in JINJA macro
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/apache-supersetApache Superset: Privilege Escalation Vulnerability
7.7
First published (updated )
pip/apache-supersetApache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled
7.6
First published (updated )
pip/apache-supersetApache Superset: SQLLab Improper readonly query validation allows unauthorized write access
7.1
First published (updated )
pip/apache-supersetApache Superset: Server arbitrary file read
6.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SupersetApache Superset: Metadata db write access can lead to remote code execution
6.6
First published (updated )
Apache SupersetApache Superset: Possible Unauthorized Registration of SQLite Database Connections
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SupersetApache Superset: Possible SSRF on import datasets
6.5
First published (updated )
Apache SupersetApache Superset: Database connection password leak
6.5
First published (updated )
Apache SupersetApache Superset: Lack of rate limiting allows for possible denial of service
6.5
First published (updated )
Apache SupersetApache Superset: Allows for uncontrolled resource consumption via a ZIP bomb
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SupersetApache Superset stored XSS on Dashboard markdown
5.4
First published (updated )
pip/apache-supersetApache Superset: Improper API permission for low privilege users
5.4
First published (updated )
pip/apache-supersetApache Superset: Improper API permission for low privilege users allows for SSRF
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.