Vulmon
arrow vulnerabilities and exploits
5.9
CVSSv3
CVE-2019-11404
arrow-kt Arrow prior to 0.9.0 resolved Gradle build artifacts (for compiling and building the published JARs) over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by an MITM attack.
Arrow-kt Arrow
7.5
CVSSv3
CVE-2019-12408
It was discovered that the C++ implementation (which underlies the R, Python and Ruby implementations) of Apache Arrow 0.14.0 to 0.14.1 had an uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared i...
Apache Arrow
7.5
CVSSv3
CVE-2019-12410
While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered that Apache Arrow versions 0.12.0 to 0.14.1 left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitializ...
Apache Arrow
6.1
CVSSv3
CVE-2023-46077
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions.
Arrowplugins The Awesome Feed
5.5
CVSSv3
CVE-2019-19746
make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
Fig2dev Project Fig2dev 3.2.7b
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5.4
CVSSv3
CVE-2023-44264
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed – Custom Feed plugin <= 2.2.5 versions.
Arrowplugins The Awesome Feed
6.1
CVSSv3
CVE-2023-45003
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Arrow Plugins Social Feed | Custom Feed for Social Media Networks plugin <= 2.2.0 versions.
Arrowplugins Social Feed
7.5
CVSSv3
CVE-2020-3273
A vulnerability in the 802.11 Generic Advertisement Service (GAS) frame processing function of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service (DoS). The vul...
Cisco 5508 Wireless Controller Firmware 8.5(151.0)
Cisco 5508 Wireless Controller Firmware 8.10(204.92)
Cisco 5520 Wireless Controller Firmware 8.5(151.0)
Cisco 5520 Wireless Controller Firmware 8.10(204.92)
NA
CVE-2010-2975
Cisco Unified Wireless Network (UWN) Solution 7.x up to and including 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate malicious users to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544.
Cisco Unified Wireless Network Solution Software 7.0
Cisco Unified Wireless Network Solution Software 7.0.98.0
NA
CVE-2008-3876
Apple iPhone 2.0.2, in some configurations, allows physically proximate malicious users to bypass intended access restrictions, and obtain sensitive information or make arbitrary use of the device, via an Emergency Call tap and a Home double-tap, followed by a tap of any contact&...
Apple Iphone 2.0.2