10 matches found
CVE-2023-53947
OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges...
CVE-2023-53947
creationtimestamp| type| source ---|---|--- 2025-12-20 00:18:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3maewleplzn2q 2025-12-23 09:47:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3manhr7qe5n2p...
CVE-2025-53947
creationtimestamp| type| source ---|---|--- 2025-09-18 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-06 2025-09-19 01:18:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lz5ozb47fa2t...
CVE-2024-53947
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Superset. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. This issue is a follow-up to CVE-2024-39887...
CVE-2024-53947
creationtimestamp| type| source ---|---|--- 2024-12-09 16:22:14+00:00| seen| https://t.me/cvedetector/12393 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:35+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...
CVE-2024-53947
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Superset. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. This issue is a follow-up to CVE-2024-39887...
CVE-2024-53947
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Superset. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. This issue is a follow-up to CVE-2024-39887...
CVE-2024-53947 Apache Superset: Improper SQL authorisation, parse not checking for specific postgres functions
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Superset. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. This issue is a follow-up to CVE-2024-39887...
CVE-2024-53947 Apache Superset: Improper SQL authorisation, parse not checking for specific postgres functions
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Superset. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. This issue is a follow-up to CVE-2024-39887...
CVE-2024-53947
CVE-2024-53947 : Apache Superset is affected by an SQL Injection vulnerability due to improper neutralization of certain engine-specific functions, allowing bypass of SQL authorization. The issue affects versions