Atlassian Confluence Command Injection (CONFSERVER-79016)

According to its self-reported version number, the Atlassian Confluence running on the remote host is affected by a command injection vulnerability. A remote, unauthenticated attacker can use this to execute arbitrary code. Note that Nessus has not tested for this issue but has instead relied onl...

Confluence OGNL Injection Remote Code Execution Exploit

Confluence suffers from a pre-authentication remote code execution vulnerability that is leveraged via OGNL injection. All 7.4.17 versions before 7.18.1 are affected. !/usr/bin/python3 Exploit Title: Confluence Pre-Auth Remote Code Execution via OGNL Injection Google Dork: N/A Date: 06/006/2022...

PostgreSQL < 7.3.19, 7.4.x < 7.4.17, 8.0.x < 8.0.13, 8.1.x < 8.1.9, and 8.2.x < 8.2.4 Untrusted Search Path Vulnerability - Windows

PostgreSQL is prone to an untrusted search path vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PostgreSQL SECURITY DEFINER函数本地权限提升漏洞

PostgreSQL是一款高级对象－关系型数据库管理系统，支持扩展的SQL标准子集。 PostgreSQL的SECURITY DEFINER函数实现上存在安全漏洞，允许本地通过修改searchpath并使用临时对象获得权限提升。 PostgreSQL PostgreSQL 8.2.4 PostgreSQL PostgreSQL 8.1.9 PostgreSQL PostgreSQL 8.0.13 PostgreSQL PostgreSQL 7.4.17 PostgreSQL PostgreSQL 7.3.19 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...