15 matches found
DBeaver < 21.2.3 XXE Vulnerability
The version of DBeaver installed on the remote Windows host is prior to 21.2.3. It is, therefore, affected by the following XXE vulnerability: - The dbeaver is vulnerable to XML External Entity XXE. An attacker that is able to provide a crafted XML file as input to the parseDocument function in t...
EUVD-2021-27083
Malware in sbrugna...
ROS-20250819-03
A vulnerability in the multi-platform database tool dbeaver is related to an improper restriction of a reference to an external XML entity. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information...
CVE-2021-3836
dbeaver is vulnerable to Improper Restriction of XML External Entity Reference...
Metasploit Weekly Wrap-Up
New module content 2 Gather Dbeaver Passwords Author: Kali-Team Type: Post Pull request: 17337 contributed by cn-kali-team Description: This adds a post exploit module that retrieves Dbeaver session data from local configuration files. It is able to extract and decrypt credentials stored in these...
Gather Dbeaver Passwords
This module will determine if Dbeaver is installed on the target system and, if it is, it will try to dump all saved session information from the target. The passwords for these saved sessions will then be decrypted where possible. Module Options msf use post/multi/gather/dbeaver msf postdbeaver...
DBeaver XML External Entity Injection Vulnerability
DBeaver is a free multi-platform database tool for developers, Sql programmers, database administrators and analysts from the DBeaver team in the U.S. An XML external entity injection vulnerability exists in DBeaver, which stems from a web-based system or product that does not set the correct...
Vulnerability fixed in DBeaver
A vulnerability has been fixed in DBeaver. The vulnerability allows a local malicious agent to obtain sensitive data. This is possible because the loading of external XML entities is not properly is not properly captured. For this vulnerability Proof-of-Concept code is available. DBeaver's...
CVE-2021-3836
dbeaver is vulnerable to Improper Restriction of XML External Entity Reference...
CVE-2021-3836
dbeaver is vulnerable to Improper Restriction of XML External Entity Reference...
Xxe
dbeaver is vulnerable to Improper Restriction of XML External Entity Reference...
CVE-2021-3836
CVE-2021-3836 affects DBeaver prior to 21.2.3. Nessus details XXE vulnerability: parsing crafted XML in XMLUtils.parseDocument() may allow an attacker to access local files via XML entities. Affected product: DBeaver on Windows (pre-21.2.3). Impact described as local file exposure; no exploitatio...
CVE-2021-3836 Improper Restriction of XML External Entity Reference in dbeaver/dbeaver
dbeaver is vulnerable to Improper Restriction of XML External Entity Reference...
DBeaver 代码问题漏洞
DBeaver is a free multi-platform database tool for developers, Sql programmers, database administrators and analysts from the DBeaver team in the U.S. An XML external entity injection vulnerability exists in DBeaver, which stems from a web-based system or product that does not set the correct...
in dbeaver/dbeaver
✍️ Description The dbeaver is vulnerable to XML External Entity XXE. An attacker that is able to provide a crafted XML file as input to the parseDocument function in the "XMLUtils.java" file may allow an attacker to execute XML External Entities XXE, including exposing the contents of local files...