25 matches found
CVE-2022-39362
Metabase is affected by CVE-2022-39362 due to unsafely auto-executing unsaved/native SQL queries in certain older releases. Affected versions include 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 (prior to patch). The underlying issue allowed native queries to be executed aut...
Metabase 安全漏洞
Metabase is an open source data analytics platform from Metabase, Inc. in the United States. A security vulnerability exists in Metabase that stems from unsaved SQL queries being executed automatically, which could constitute a possible attack vector...
UBUNTU-CVE-2022-1292
The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...
The vulnerability of the Thunar file manager, related to improper access control, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Thunar file manager is related to the use of another program without user confirmation when the file is used as an acommand. Exploiting this vulnerability can allow an attacker who operates remotely to gain access to confidential data, compromise its integrity, and cause...
Threat Roundup for October 4 to October 11
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 4 and Oct. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...