1196 matches found
CVE-2019-18182
pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...
CVE-2019-18183
pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted...
Command injection
pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...
Command injection
pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted...
exploit-database
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains exploits, shellcodes, and papers for various vulnerabilities in different software and systems. The exploits are categorized by operating system, software, and vulnerability...
MariaDB 'CVE-2020-2574' Denial of Service Vulnerability - Windows
MariaDB is prone to a Denial of Service vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
The State of Vulnerabilities in 2019
As a web application firewall provider, part of our job at Imperva is to continually monitor for new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more,...
Microsoft Leaves 250M Customer Service Records Open to the Web
UPDATE Misconfigured Microsoft cloud databases containing 14 years of customer support logs exposed 250 million records to the open internet for 25 days. The account info dates back as far as 2005 and is as recent as December 2019 — and exposes Microsoft customers to phishing and tech scams...
Business in the front, party in the back: backdoors in elastic servers expose private data
It seems like every day we read another article about a data breach or leak of cloud storage exposing millions of users' data. The unfortunate truth is that the majority of these leaks require no actual "hacking" on the part of the attacker. Most of the time, this highly confidential data is just...
Feds seize WeLeakInfo.com for selling stolen databases
By Sudais Asif. WeLeakInfo.com was home to over 10,000 data breaches containing over 12 billion indexed records. This is a post from HackRead.com.
CVE-2019-19801
In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134MR4, v8.00 prior to v8.00.1161MR5, v7.90 prior to v7.90.991MR5, v7.80 prior to v7.80.960MR2 and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases...
Antivirus Exclusions for Veeam Backup for Microsoft 365
Purpose: This article documents antivirus exclusions that may be created to reduce the impact that antivirus software has on the functionality of Veeam Backup for Microsoft 365. These antivirus exclusions may be applied to the Windows built-in antivirus or third-party antivirus software. Note:...
CVE-2019-12413
In Apache Incubator Superset before 0.31, a user could query database metadata information from a database he has no access to, by using a specially crafted complex query...
CVE-2019-12414
In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab...
PT-2019-12793 · Apache · Apache Incubator Superset
Name of the Vulnerable Software and Affected Versions: Apache Incubator Superset versions prior to 0.32 Description: A user can view database names that he has no access to on a dropdown list in SQLLab. Recommendations: For versions prior to 0.32, update to version 0.32 or later to resolve the...