575 matches found
CVE-2024-36984 Remote Code Execution through Serialized Session Payload in Splunk Enterprise on Windows
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially crafted query that they could then use to serialize untrusted data. The attacker could use the query to execute arbitrary code...
PT-2024-27232 · Splunk · Splunk Enterprise
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2; Splunk Enterprise versions prior to 9.1.5; Splunk Enterprise versions prior to 9.0.10. Description: The issue allows an authenticated user to execute a specially crafted query, which can then be used to...
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0704)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0704 advisory. - In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 on Windows, an authenticated user could execute a specially...
CVE-2024-36829
Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers to obtain sensitive information via a crafted query string...
PT-2024-27173 · Teldats · Teldat M1
Name of the Vulnerable Software and Affected Versions: Teldat M1 version 11.00.05.50.01. Description: The issue is related to incorrect access control, allowing attackers to obtain sensitive information by using a crafted query string. Recommendations: For Teldat M1 version 11.00.05.50.01, conside...
Teldat M1 Security Vulnerability
Teldat M1 is a compact modular router from Teldat Poland. A security vulnerability exists in Teldat M1 version v11.00.05.50.01. An attacker exploited the vulnerability to obtain sensitive information via a specially crafted query string...
CVE-2024-36829
CVE-2024-36829 affects Teldat M1, version v11.00.05.50.01. The vulnerability is an incorrect access control issue that allows an attacker to obtain sensitive information through a crafted query string. The available sources confirm the affected product/version and the nature of the access control...
CVE-2024-31881
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. IBM X-Force ID: 287613...
CVE-2024-28762
IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246...
CVE-2024-28762 IBM Db2 denial of service
IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: 285246...
Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables. (CVE-2024-31881)
Summary: IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. Vulnerability Details: CVEID: CVE-2024-31881. DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is...
Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query under certain conditions. (CVE-2024-28762)
Summary: IBM® Db2® is vulnerable to a denial of service with a specially crafted query under certain conditions. Vulnerability Details: CVEID: CVE-2024-28762. DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server is vulnerable to denial of service with a specially crafted query...
IBM DB2 Multiple Vulnerabilities (7145722, 7145730) (Unix)
According to its self-reported version number, IBM Db2 on Unix may be affected by multiple vulnerabilities: - IBM® Db2® is vulnerable to denial of service when querying a specific UDF built-in function concurrently. CVE-2023-52296 - IBM® Db2® is vulnerable to a denial of service with a speciall...
IBM DB2 DoS (7145726) (Windows)
According to its self-reported version number, IBM Db2 on Windows is vulnerable to a denial of service by an authenticated user using a specially crafted query. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
RHEL 8 : unbound (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - unbound: uninitialized memory accesses leads to crash via a crafted NOTIFY query CVE-2019-16866 Note that Nessus ha...
A vulnerability in the reporting feature of Rockwell Automation's HMI software FactoryTalk View SE Datalog allows an attacker to gain full access to the data.
The vulnerability in the reporting function of the Rockwell Automation FactoryTalk View SE Datalog software is related to errors in processing input data. Exploiting this vulnerability can allow a remote attacker to gain full access to the data by sending a specially crafted SQL...
CVE-2024-4824
CVE-2024-4824 affects School ERP Pro+Responsive 1.0. The vulnerability is an SQL injection in the /SchoolERP/office_admin/ page via parameters such as groups_id, examname, classes_id, es_voucherid, es_class, etc., allowing a remote attacker to execute crafted queries and potentially retrieve all ...