146 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-41335
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be...
SUSE CVE-2023-41335
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities-it already learns the users' passwords as...
CVE-2023-23327
An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes, and database backups are stored using the current date as the filename and hosted on the web server without access controls...
CVE-2021-24174
The Database Backups WordPress plugin through 1.2.2.6 does not have CSRF checks, allowing attackers to make a logged in user unwanted actions, such as generate backups of the database, change the plugin's settings and delete backups...
GatesAir Maxiva 安全漏洞
GatesAir Maxiva is a series of transmitters from GatesAir USA. A security vulnerability exists in the GatesAir Maxiva UAXT, VAXT that stems from incorrect access control, resulting in a serious information disclosure vulnerability in the web-based management interface. An unauthenticated attacker...
CVE-2025-0745
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain the backups of the database by requesting the "/embedai/app/uploads/database/" endpoint...
CVE-2025-0745
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain the backups of the database by requesting the "/embedai/app/uploads/database/" endpoint...
CVE-2025-0745 Improper Access Control vulnerability in EmbedAI
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain the backups of the database by requesting the "/embedai/app/uploads/database/" endpoint...
CVE-2025-0745 Improper Access Control vulnerability in EmbedAI
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker to obtain the backups of the database by requesting the "/embedai/app/uploads/database/" endpoint...
CVE-2025-0745
CVE-2025-0745 affects EmbedAI 2.1 and earlier. The issue is inadequate access control that allows an authenticated attacker to retrieve database backups by requesting the endpoint /embedai/app/uploads/database/. This can lead to exposure of sensitive data stored in backups. The connected PT-2025-...
PT-2025-4034 · Embedai · Embedai
Name of the Vulnerable Software and Affected Versions: EmbedAI versions 2.1 and earlier Description: An issue with inadequate access control has been identified, allowing an authenticated attacker to obtain database backups by requesting the "/embedai/app/uploads/database/" endpoint. This endpoin...
CVE-2023-7164
The BackWPup WordPress plugin before 4.0.4 does not prevent Directory Listing in its temporary backup folder, allowing unauthenticated attackers to download backups of a site's database...
CVE-2023-7164
The BackWPup WordPress plugin before 4.0.4 does not prevent Directory Listing in its temporary backup folder, allowing unauthenticated attackers to download backups of a site's database...
PT-2024-15217
Name of the Vulnerable Software and Affected Versions BackWPup WordPress plugin versions prior to 4.0.4 Description The issue allows unauthenticated attackers to download backups of a site's database due to the lack of prevention of Directory Listing in the temporary backup folder. This exposes...
The vulnerability of the Pandora FMS monitoring and management system, related to the lack of protection for operational data, allows attackers to load backup copies of the database.
The vulnerability of the Pandora FMS monitoring and management system lies in the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to remotely load backup copies of the database...
PT-2024-12979 · Undefined · Undefined
NCC Group выпустила третье исследование с оценкой безопасности популярных инструментов RMM, в котором представила обзор на 18 уязвимостей в PandoraFMS. Ранее в поле зрения исследователей попадали множественные уязвимости в Faronics Insight и Nagios XI. PandoraFMS - это приложение для мониторинга ...
CVE-2023-41786
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772...
CVE-2023-41786
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772...
Arbitrary file deletion
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772...
CVE-2023-41786 Database backups availability by low-privileged users
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772...