CVE-2025-11675

Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

Linux Distros Unpatched Vulnerability : CVE-2019-11675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because ...

CVE-2024-11675

A vulnerability has been found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /backend/admin/hisadminregisterpatient.php of the component Add Patient Details Page. The manipulation of the argument...

CVE-2020-11675

Cerner medico 26.00 has a Local Buffer Overflow issue 1 of 3...

CVE-2019-11675

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /var/log/groonga/htt...

CVE-2024-11675

creationtimestamp| type| source ---|---|--- 2024-11-26 00:34:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113546444654490907...

CVE-2024-11675

CVE-2024-11675 affects CodeAstro Hospital Management System (v1.0). The vulnerability resides in the file /backend/admin/his_admin_register_patient.php (Add Patient Details Page), where inputs for pat_fname, pat_ailment, pat_lname, pat_age, pat_dob, pat_number, pat_phone, pat_type, and pat_addr c...

CVE-2020-11675

Cerner medico 26.00 has a Local Buffer Overflow issue 1 of 3...

CVE-2020-11675

Cerner medico 26.00 has a Local Buffer Overflow issue 1 of 3...

CVE-2020-11675

CVE-2020-11675 affects Cerner medico 26.00 and is described as a Local Buffer Overflow (issue 1 of 3). Public records indicate a memory boundary validation flaw that can lead to buffer/heap overflow. CVSS data (v2/v3.1) shows an Adjacent Network attack vector with no user interaction, low complex...

CVE-2018-11675

...

CVE-2018-11675

This CVE-2018-11675 entry is rejected and does not represent an active vulnerability entry.

CVE-2019-11675

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /var/log/groonga/htt...

CVE-2019-11675

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /var/log/groonga/htt...

CVE-2019-11675

The CVE-2019-11675 issue concerns the groonga-httpd package (Debian) version 6.1.5-1, where ownership of /var/log/groonga is set to the groonga account. The underlying root cause is an unsafe interaction with logrotate that enables a local attacker to exploit a race condition to create a symlink ...

CVE-2017-11675

ZenCart 1.5.5e contains a vulnerability in traverseStrictSanitize within admin_dir/includes/classes/AdminRequestSanitizer.php. The sanitizer mishandles key strings, enabling remote authenticated users to execute arbitrary PHP code by injecting code into an invalid array index of the admin_name pa...

CVE-2017-11675

The traverseStrictSanitize function in admindir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array index of the adminname array parameter to...

Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Mdaemon 8.0....

Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow

This module exploits a buffer overflow in the CRAM-MD5 authentication of the MDaemon IMAP service. This vulnerability was discovered by Muts. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

IMail IMAP4D Delete Overflow

This module exploits a buffer overflow in the 'DELETE' command of the IMail IMAP4D service. This vulnerability can only be exploited with a valid username and password. This flaw was patched in version 8.14. This module requires Metasploit: https://metasploit.com/download Current source:...