Lucene search
K

134 matches found

Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.20 views

PT-2025-53343

Name of the Vulnerable Software and Affected Versions LogicalDOC Enterprise version 7.7.4 Description The software contains multiple authenticated operating system command execution flaws. These flaws permit attackers to manipulate binary paths when altering system settings. Exploitation involves...

8.7CVSS7.3AI score0.0035EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.101 views

LogicalDOC Enterprise 安全漏洞

LogicalDOC Enterprise is a document management system from LogicalDOC Italy. A security vulnerability exists in LogicalDOC Enterprise version 7.7.4, which originates from insufficient validation of binary paths when modifying system settings, and may result in the execution of operating system...

8.7CVSS6.9AI score0.0035EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-52928

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00364EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-42665

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.0025EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-8703

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.02098EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 p.m.6 views

CVE-2022-31464

Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path...

7.8CVSS7.2AI score0.00364EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:10 p.m.7 views

CVE-2021-21415

Prisma VS Code a VSCode extension for Prisma schema files. This is a Remote Code Execution Vulnerability that affects all versions of the Prisma VS Code extension older than 2.20.0. If a custom binary path for the Prisma format binary is set in VS Code Settings, for example by downloading a proje...

7.8CVSS7.6AI score0.02098EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:9 p.m.6 views

CVE-2021-21292

Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their...

6.3CVSS6.8AI score0.00393EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/04/10 8:1 a.m.0 views

Security update for apparmor

This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

7.7AI score
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/04/03 2:18 p.m.1 views

Security update for apparmor

This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

7.7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.4 views

PT-2025-19699 · Opensuse +1 · Apparmor +1

Name of the Vulnerable Software and Affected Versions: apparmor affected versions not specified Description: This issue allows dovecot-auth to execute the unix check password function from /sbin, not only from /usr/bin. Recommendations: At the moment, there is no information about a newer version...

7.2AI score
Exploits0References3
Packet Storm
Packet Storm
added 2024/09/02 12:0 a.m.397 views

pgAdmin 8.4 Code Execution

============================================================================================================================================= | Title : pgAdmin 8.4 PHP Code Execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.656 views

pgAdmin 8.4 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pgAdmin Binary Path API RCE', 'Description' = %q pgAdmin MSFLICENSE, 'Author' = 'M.Selim Karahan', metasploit module 'Mustafa Mutlu', lab prep. a...

9.8CVSS7AI score0.64846EPSS
Exploits5
0day.today
0day.today
added 2024/08/29 12:0 a.m.413 views

pgAdmin 8.4 Remote Code Execution Exploit

pgAdmin versions 8.4 and below are affected by a remote code execution vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the securi...

9.8CVSS8.4AI score0.64846EPSS
Exploits5
Metasploit
Metasploit
added 2024/08/28 6:52 p.m.809 views

pgAdmin Binary Path API RCE

pgAdmin use exploit/windows/http/pgadminbinarypathapi msf exploitpgadminbinarypathapi show targets ...targets... msf exploitpgadminbinarypathapi set TARGET msf exploitpgadminbinarypathapi show options ...show and set options... msf exploitpgadminbinarypathapi exploit This module requires...

9.8CVSS8.3AI score0.64846EPSS
Exploits5
OSV
OSV
added 2024/08/07 2:15 a.m.3 views

CVE-2024-34628

Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory...

5.5CVSS5.8AI score0.00152EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/04/06 1:59 a.m.3 views

SUSE CVE-2024-3116

pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

9.9CVSS8.2AI score0.64846EPSS
Exploits5References3
Veracode
Veracode
added 2024/04/05 6:58 a.m.29 views

Remote Code Execution (RCE)

pgAdmin is vulnerable to Remote Code Execution RCE. The vulnerability is due improper validation within the binary path API, which allows attackers to execute arbitrary code on the server...

9.8CVSS8.3AI score0.64846EPSS
Exploits5References6Affected Software1
OSV
OSV
added 2024/04/04 3:30 p.m.15 views

GHSA-27JX-FFW8-XRQV pgAdmin Remote Code Execution (RCE) vulnerability

pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

7.4CVSS9AI score0.64846EPSS
Exploits5References7
Github Security Blog
Github Security Blog
added 2024/04/04 3:30 p.m.59 views

pgAdmin Remote Code Execution (RCE) vulnerability

pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

9.8CVSS9AI score0.64846EPSS
Exploits5References7Affected Software1
Rows per page
Query Builder