50 matches found
Chef Automate < 4.13.295 — SQL Injection
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token. id: CVE-2025-8868 info...
MINI-F47M-8868-H7GQ
Bulletin has no description...
CVE-2025-8868

creationtimestamp | type | source
---|---|---
2025-09-29 12:39:46+00:00 | seen | https://gist.github.com/Darkcrai86/ce36a6f3a7e1de36fcad2b68518a1953
2025-09-30 23:28:17+00:00 | seen | https://bsky.app/profile/getpokemon7.bsky.social/post/3m23ohoslm22b
2025-10-06 16:38:53+00:00 | confirmed | ...

CVE-2020-8868
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest Foglight Evolve 9.0.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the service user account. The product contains a hard-coded password for thi...
CVE-2024-8868

creationtimestamp | type | source
---|---|---
2024-09-15 05:54:24+00:00 | seen | https://t.me/cvedetector/5679...

CVE-2024-8868
A vulnerability was found in code-projects Crud Operation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file savedata.php. The manipulation of the argument sname leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-8868 code-projects Crud Operation System savedata.php sql injection
A vulnerability was found in code-projects Crud Operation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file savedata.php. The manipulation of the argument sname leads to sql injection. The attack may be initiated remotely. The exploit has been...
RHEL 7 : poppler (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.
- poppler: heap buffer overflow in ExponentialFunction (CVE-2015-8868)
- poppler: recursive function call in...
Huawei EulerOS: Security Advisory for compat-poppler022 (EulerOS-SA-2021-1772)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP3 : compat-poppler022 (EulerOS-SA-2021-1772)
According to the version of the compat-poppler022 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to...
SUSE: Security Advisory (SUSE-SU-2016:1543-1)
The remote host is missing an update for the...
EulerOS 2.0 SP2 : compat-poppler022 (EulerOS-SA-2020-2335)
According to the version of the compat-poppler022 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to...
CVE-2020-8868
CVE-2020-8868 affects Quest Foglight Evolve 9.0.0. The root cause is a hard-coded password for the service user account, enabling unauthenticated remote code execution with SYSTEM privileges. Multiple sources (NVD/Red Hat/NVD mirror, ZDI, PRION) confirm remote code execution without authenticatio...
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2016-1059)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for compat-poppler022 (EulerOS-SA-2019-1803)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP5 : compat-poppler022 (EulerOS-SA-2019-1803)
According to the version of the compat-poppler022 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to...
CVE-2017-8868
The CVE-2017-8868 vulnerability affects flatCore 1.4.7, where acp/core/files.browser.php enables deletion of files via directory traversal in the delete parameter to acp/acp.php. The underlying issue is a directory-traversal flaw that can impact files reachable through that parameter. The NVD ent...
EulerOS 2.0 SP1 : poppler (EulerOS-SA-2016-1059)
According to the version of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a...
Scientific Linux Security Update : poppler on SL7.x x86_64 (20161103)
Security Fixes :
- A heap-buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler such as Evince to crash or, potentially, execute arbitrary code when opened. (CVE-2015-8868)
Additional Changes : ...