122 matches found
ROOT-OS-DEBIAN-11-CVE-2024-2193 CVE-2024-2193 in rootio-linux - Patched by Root
Root has patched CVE-2024-2193 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
Advisory ROSA-SA-2025-2911
software: postgresql 12.22 WASP: ROSA-CHROME unaffected versions = postgresql-9.5.2 affected versions postgresql-9.5.2 CVE-ID: CVE-2016-2193 BDU-ID: 2016-00974 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to errors in security settings...
CVE-2019-2193
In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges needed. User...
CVE-2002-2193
Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 allows remote attackers to inject arbitrary web script via the email parameter...
CVE-2025-2193
A vulnerability has been found in MRCMS 3.1.2 and classified as critical. This vulnerability affects the function delete of the file /admin/file/delete.do of the component org.marker.mushroom.controller.FileController. The manipulation of the argument path/name leads to path traversal. The attack...
CVE-2025-2193 MRCMS org.marker.mushroom.controller.FileController delete.do delete path traversal
A vulnerability has been found in MRCMS 3.1.2 and classified as critical. This vulnerability affects the function delete of the file /admin/file/delete.do of the component org.marker.mushroom.controller.FileController. The manipulation of the argument path/name leads to path traversal. The attack...
CVE-2025-2193
CVE-2025-2193 concerns MRCMS 3.1.2. A path traversal vulnerability exists in the delete function of /admin/file/delete.do within the org.marker.mushroom.controller.FileController, enabling remote exploitation via manipulation of the path/name argument. Public exploit details are present in multip...
Linux Distros Unpatched Vulnerability : CVE-2024-2193
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. ...
CVE-2022-2193
Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1...
BIT-POSTGRESQL-2024-10976 PostgreSQL row security below e.g. subqueries disregards user ID changes
Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...
CVE-2024-10976
Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...
CVE-2016-2193
creationtimestamp | type | source
---|---|---
2024-11-14 13:05:05+00:00 | seen | https://infosec.exchange/users/cve/statuses/113481449755283145
2024-11-14 14:59:09+00:00 | seen | https://t.me/cvedetector/10948
2025-02-14 10:03:10+00:00 | seen | Telegram/T7bmhZyyY3q44NdwHtBlh0uklY8nk4hbekeMxCZgwv81B...
PostgreSQL -- PostgreSQL row security below e.g. subqueries disregards user ID changes
PostgreSQL project reports: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery...
NewStart CGSL MAIN 6.02 : libtiff Multiple Vulnerabilities (NS-SA-2024-0051)
The remote NewStart CGSL host, running version MAIN 6.02, has libtiff packages installed that are affected by multiple vulnerabilities: - Buffer overflow in the t2pwritepdfstring function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly...
SUSE: Security Advisory (SUSE-SU-2024:2535-1)
The remote host is missing an update for the...
SUSE SLES15 Security Update : xen (SUSE-SU-2024:2535-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2535-1 advisory. - CVE-2023-28746: Register File Data Sampling (XSA-452, bsc1221332) - CVE-2023-46842: HVM hypercalls may trigger Xen bug check XSA-45...
SUSE-SU-2024:2535-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-28746: Register File Data Sampling (XSA-452, bsc1221332) - CVE-2023-46842: HVM hypercalls may trigger Xen bug check (XSA-454, bsc1221984) - CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (XSA-453, bsc1221334) - CVE-2024-2201:...
K000139682: Speculative race conditions vulnerability CVE-2024-2193
Security Advisory Description: A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using ra...
F5 Networks BIG-IP : Speculative race conditions vulnerability (K000139682)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139682 advisory. A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution...
RHEL 7 : hw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002) - hw: Intel: Improper restriction in memory buffer in graphi...