Filter
AND
AND

Apache SupersetPossible log injection

First published (updated )

Apache SupersetCredentials leak

First published (updated )

Apache SupersetApache Superset: Lack of rate limiting allows for possible denial of service

First published (updated )

Apache SupersetApache Superset: Database connection password leak

First published (updated )

Apache SupersetApache Superset: Possible SSRF on import datasets

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

pip/apache-supersetApache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104)

EPSS
0.04%
First published (updated )

Apache SupersetApache Superset: Incorrect default permissions for Gamma role

First published (updated )

Apache SupersetApache Superset: Metadata db write access can lead to remote code execution

First published (updated )

Apache SupersetApache Superset: Possible Unauthorized Registration of SQLite Database Connections

First published (updated )

pip/apache-supersetApache Superset: Improper API permission for low privilege users

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache SupersetApache Superset: SQL parser edge case bypasses data access authorization

First published (updated )

Apache SupersetApache Superset: Improper Authorization check on import charts

First published (updated )

pip/apache-supersetApache Superset: Improper API permission for low privilege users allows for SSRF

First published (updated )

Apache SupersetApache Superset: Improper data permission validation on Jinja templated queries

First published (updated )

Apache SupersetApache Superset: Stack traces enabled by default

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache SupersetApache Superset: Allows for uncontrolled resource consumption via a ZIP bomb

First published (updated )

Apache SupersetXSS vulnerability on Explore page

First published (updated )

pip/apache-supersetAPI sensitive information leak

First published (updated )

Apache SupersetInfoleak

First published (updated )

pip/apache-supersetInfoleak

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache SupersetInfoleak

First published (updated )

pip/apache-supersetApache Superset: Unnecessary read permissions within the Gamma role

First published (updated )

pip/apache-supersetImproper access to dataset metadata information

First published (updated )

Apache SupersetApache Superset stored XSS on Dashboard markdown

First published (updated )

Apache SupersetApache Superset Open Redirect

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache SupersetApache Superset: Dashboard metadata information leak

First published (updated )

Apache SupersetApache Superset: Cross-Site Scripting on dashboards

First published (updated )

Apache SupersetApache Superset: Improper rendering of user input

First published (updated )

Apache SupersetApache Superset: Open Redirect Vulnerability

First published (updated )

Apache SupersetApache Superset: Cross-Site Scripting vulnerability on upload forms

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203