14 matches found
Cursor AI Agent Wipes PocketOS Database and Backups in 9 Seconds
PocketOS founder says Cursor AI agent deleted its production database in 9 seconds after misusing a root API token, exposing major Railway security flaws...
SUSE CVE-2026-33906
Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, the NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. A NetworkManager could replace the production database with a tamper...
CVE-2026-33906
Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, the NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. A NetworkManager could replace the production database with a tamper...
Ella Core has Privilege Escalation via Database Restore by NetworkManager role
Summary The NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. Impact A NetworkManager could replace the production database with a tampered copy to escalate to Admin, gaining access to user management...
PT-2026-28564
Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.7.0 Description Ella Core is a 5G core designed for private networks. The NetworkManager role had backup and restore permissions. The restore endpoint accepted any valid SQLite file without content verification...
CVE-2025-52448
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux validate-initial-sql api modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before...
CVE-2025-52447
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux set-initial-sql tabdoc command modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12,...
CVE-2025-52446
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux tab-doc api modules allows Interface Manipulation data access to the production database cluster.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19...
CVE-2025-52446
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux tab-doc api modules allows Interface Manipulation data access to the production database cluster.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19...
CVE-2025-52447
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux set-initial-sql tabdoc command modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12,...
CVE-2025-52446
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux tab-doc api modules allows Interface Manipulation data access to the production database cluster.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19...
PT-2025-30919 · Salesforce · Tableau Server
Name of the Vulnerable Software and Affected Versions: Tableau Server versions prior to 2025.1.3 Tableau Server versions prior to 2024.2.12 Tableau Server versions prior to 2023.3.19 Description: A flaw exists in Salesforce Tableau Server on Windows and Linux that allows an authorization bypass...
PT-2023-2415 · Microsoft · Defender
Name of the Vulnerable Software and Affected Versions: Microsoft Defender versions affected versions not specified Description: The issue is related to insufficient input validation in Microsoft Defender, which can be exploited by a remote attacker to cause a denial of service by sending speciall...
Man Accidentally Destroyed Production Database on First Day of His Job
By Waqas We all make mistakes, but some mistakes are fatal ending up with devastating consequences just like one of those Amazon engineers whos typo error caused a major service outage worldwide. But then theres this man /cscareerthrowaway567 who recently posted on Reddit explaining that he...