Tanium Reputation 安全漏洞

Tanium Reputation is a threat intelligence integration engine developed by the American company Tanium. Tanium Reputation has a security vulnerability, which stems from improper access control practices...

EUVD-2016-4575

Malware in sbrugna...

EUVD-2024-2774

Malicious code in bioql PyPI...

GHSA-CRMG-RP64-5CM3 MindsDB Eval Injection vulnerability

An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPDATE’ query containing Python code is run against a database created with the specified integration...

CVE-2024-45847

An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPDATE’ query containing Python code is run against a database created with the specified integration...

CVE-2024-45847

An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPDATE’ query containing Python code is run against a database created with the specified integration...

CVE-2024-45847

The CVE-2024-45847 entry concerns MindsDB Platform versions 23.11.4.2 through 24.7.4.1 where, when certain integrations are installed, a specially crafted UPDATE query containing Python code is passed to an eval function and executes on the server. Documented across multiple sources (Red Hat, Ver...

PT-2024-6368 · Mindsdb · Mindsdb

Name of the Vulnerable Software and Affected Versions: MindsDB versions 23.11.4.2 through 24.7.4.1 Description: An arbitrary code execution issue exists when one of several integrations is installed on the server. If a specially crafted UPDATE query containing Python code is run against a databas...

Johnsoncontrols Metasys Improper Restriction of XML External Entity Reference

XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server ADS, ADS-Lite versions 10.1 and prior; Metasys Extended Application and...

CVE-2020-14805

Vulnerability in the Oracle E-Business Suite Secure Enterprise Search product of Oracle E-Business Suite component: Search Integration Engine. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access...

CVE-2016-3549

Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Search Integration Engine...

CVE-2016-3549

Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Search Integration Engine...

Design/Logic Flaw

Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Search Integration Engine...

CVE-2016-3549

Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Search Integration Engine...

CVE-2016-3549

Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Search Integration Engine...

Oracle E-Business Suite Unspecified Vulnerability in Oracle E-Business Suite Secure Enterprise Search Component

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's fully integrated global business management software. The software provides customer relationship management, service management, financial management, etc. Oracle E-Business Suite Secure Enterprise Search is on...

CVE-2014-5427

CVE-2014-5427 affects Johnson Controls Metasys 4.1–6.5 (ADS, ADX, LCS8520, NAE 55xx-x, NIE 5xxx-x, NxE8500). A remote, unauthenticated attacker can read password hashes via a POST request, exposing credentials and affecting confidentiality. Connected sources indicate multiple advisories and a pat...