Lucene search
K

25 matches found

CVE
CVE
added 2022/10/26 12:0 a.m.73 views

CVE-2022-39362

Metabase is affected by CVE-2022-39362 due to unsafely auto-executing unsaved/native SQL queries in certain older releases. Affected versions include 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 (prior to patch). The underlying issue allowed native queries to be executed aut...

8.8CVSS8.7AI score0.0079EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/10/26 12:0 a.m.5 views

Metabase 安全漏洞

Metabase is an open source data analytics platform from Metabase, Inc. in the United States. A security vulnerability exists in Metabase that stems from unsaved SQL queries being executed automatically, which could constitute a possible attack vector...

8.8CVSS8.1AI score0.0079EPSS
Exploits0References3
OSV
OSV
added 2022/05/03 12:0 a.m.2 views

UBUNTU-CVE-2022-1292

The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...

9.8CVSS6.8AI score0.83223EPSS
Exploits5References8
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.5 views

The vulnerability of the Thunar file manager, related to improper access control, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Thunar file manager is related to the use of another program without user confirmation when the file is used as an acommand. Exploiting this vulnerability can allow an attacker who operates remotely to gain access to confidential data, compromise its integrity, and cause...

9.8CVSS7.7AI score0.03076EPSS
Exploits0References7Affected Software2
Talos Blog
Talos Blog
added 2019/10/11 8:45 a.m.260 views

Threat Roundup for October 4 to October 11

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 4 and Oct. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

10CVSS10AI score0.99999EPSS
Exploits123
Rows per page
Query Builder