Solstice-Pod up to 5.0.2 WEBRTC server mishandles the format-string specifiers %x; %p; %c and %s in the screen_key, display_name, browser_name, and operation_system parameter during the authentication process. This may crash the server and force Solstice-Pod to reboot, which leads to a denial of service.
A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface.
Improper data authorization check on Jinja templated queries in Apache Superset up to and including 2.1.0 allows for an authenticated user to issue queries on database tables they may not have access to.