134 matches found
PT-2025-53343
Name of the Vulnerable Software and Affected Versions LogicalDOC Enterprise version 7.7.4 Description The software contains multiple authenticated operating system command execution flaws. These flaws permit attackers to manipulate binary paths when altering system settings. Exploitation involves...
LogicalDOC Enterprise 安全漏洞
LogicalDOC Enterprise is a document management system from LogicalDOC Italy. A security vulnerability exists in LogicalDOC Enterprise version 7.7.4, which originates from insufficient validation of binary paths when modifying system settings, and may result in the execution of operating system...
EUVD-2022-52928
Malicious code in bioql PyPI...
EUVD-2022-42665
Malicious code in bioql PyPI...
EUVD-2021-8703
Malicious code in bioql PyPI...
CVE-2022-31464
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path...
CVE-2021-21415
Prisma VS Code a VSCode extension for Prisma schema files. This is a Remote Code Execution Vulnerability that affects all versions of the Prisma VS Code extension older than 2.20.0. If a custom binary path for the Prisma format binary is set in VS Code Settings, for example by downloading a proje...
CVE-2021-21292
Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
Security update for apparmor
This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...
PT-2025-19699 · Opensuse +1 · Apparmor +1
Name of the Vulnerable Software and Affected Versions: apparmor affected versions not specified Description: This issue allows dovecot-auth to execute the unix check password function from /sbin, not only from /usr/bin. Recommendations: At the moment, there is no information about a newer version...
pgAdmin 8.4 Code Execution
============================================================================================================================================= | Title : pgAdmin 8.4 PHP Code Execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...
pgAdmin 8.4 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pgAdmin Binary Path API RCE', 'Description' = %q pgAdmin MSFLICENSE, 'Author' = 'M.Selim Karahan', metasploit module 'Mustafa Mutlu', lab prep. a...
pgAdmin 8.4 Remote Code Execution Exploit
pgAdmin versions 8.4 and below are affected by a remote code execution vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the securi...
pgAdmin Binary Path API RCE
pgAdmin use exploit/windows/http/pgadminbinarypathapi msf exploitpgadminbinarypathapi show targets ...targets... msf exploitpgadminbinarypathapi set TARGET msf exploitpgadminbinarypathapi show options ...show and set options... msf exploitpgadminbinarypathapi exploit This module requires...
CVE-2024-34628
Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory...
SUSE CVE-2024-3116
pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...
Remote Code Execution (RCE)
pgAdmin is vulnerable to Remote Code Execution RCE. The vulnerability is due improper validation within the binary path API, which allows attackers to execute arbitrary code on the server...
GHSA-27JX-FFW8-XRQV pgAdmin Remote Code Execution (RCE) vulnerability
pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...
pgAdmin Remote Code Execution (RCE) vulnerability
pgAdmin = 8.4 is affected by a Remote Code Execution RCE vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...