EUVD-2009-4502

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-1385

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a...

CVE-2023-32264

CWE-1385 vulnerability in OpenText Documentum D2 affecting versions16.5.1 to CE 23.2. The vulnerability could allow upload arbitrary code and execute it on the client's computer...

CVE-2022-1385

Mattermost 6.4.x and earlier fails to properly invalidate pending email invitations when the action is performed from the system console, which allows accidentally invited users to join the workspace and access information from the public teams and channels...

CVE-2020-1385

An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka 'Windows Credential Picker Elevation of Privilege Vulnerability'...

CVE-2019-1385

An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate...

CVE-2025-1385

When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...

CVE-2025-1385

creationtimestamp| type| source ---|---|--- 2025-03-20 09:03:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lksdomw3gq2j 2025-03-20 09:30:37+00:00| published-proof-of-concept| Telegram/NQlvjHhG2-VIGa7A-fQOLEf1RIrC3ATUo7ji5TmFiVmJeeU 2025-03-20 11:32:45+00:00| seen|...

CVE-2025-1385

When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...

CVE-2025-1385 Fail input validation in clickhouse-library-bridge API could lead to RCE under specific configuration

When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...

CVE-2025-1385 Fail input validation in clickhouse-library-bridge API could lead to RCE under specific configuration

When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...

CVE-2025-1385

The CVE-2025-1385 vulnerability affects ClickHouse when the library_bridge feature is enabled and exposes an HTTP API on localhost (default port 9019). This configuration allows the ClickHouse server to dynamically load a library from a path and execute it in an isolated process, which, combined ...

CVE-2025-1385

When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...

Linux Distros Unpatched Vulnerability : CVE-2014-1385

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service memory...

CVE-2024-1385

The WP-Stateless – Google Cloud Storage plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the dismissnotices function in all versions up to, and including, 3.4.0. This makes it possible for authenticated attackers, with subscriber-level access an...

CVE-2025-1385

When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...

CVE-2023-32264

CVE-2023-32264 affects OpenText Documentum D2 (versions 16.5.1 through CE 23.2). The root cause is a vulnerability that could allow uploading arbitrary code and executing it on a client computer. Impact is user-controlled code execution on the affected endpoint. Connected sources confirm the affe...

CVE-2019-1385

creationtimestamp| type| source ---|---|--- 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-04 16:24:36+00:00| seen| https://t.me/arpsyndicate/1249 2024-02-11 15:06:53+00:00| seen| https://t.me/ctinow/182809 2024-03-15 08:58:02+00:00| seen| https://t.me/ptsoft/2...

CVE-2023-1385

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with...

CVE-2023-1385

CVE-2023-1385 describes an improper JPAKE implementation that allows offline PIN brute-forcing due to initializing random values to a known value, enabling unauthorized authentication to amzn.lightning services. Affected: Amazon Fire TV Stick 3rd gen before 6.2.9.5 and Insignia TV with FireOS 7.6...