40 matches found
Arbitrary Command Injection
Overview pgadmin4 is a PostgreSQL Tools Affected versions of this package are vulnerable to Arbitrary Command Injection via the backup and restore processes when handling file path input with shell execution enabled. An attacker can execute arbitrary system commands by supplying specially crafted...
Arbitrary File Upload
Overview hillelcoren/invoice-ninja is an Invoices, expenses & time-tracking built with Laravel Affected versions of this package are vulnerable to Arbitrary File Upload via the Restore process. An attacker can execute arbitrary code on the server by uploading specially crafted .php files when...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
postgresql: PostgreSQL executes arbitrary code in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...
CRLF Injection
Overview Affected versions of this package are vulnerable to CRLF Injection in the restore process via psql meta-commands inside a purpose-crafted object name. An attacker can execute arbitrary code by injecting meta commands into the file, which can be executed by an unknowing user during the...
CRLF Injection
Overview Affected versions of this package are vulnerable to CRLF Injection in the restore process via psql meta-commands inside a purpose-crafted object name. An attacker can execute arbitrary code by injecting meta commands into the file, which can be executed by an unknowing user during the...
Improper Authorization
github.com/cri-o/cri-o is vulnerable to Improper Authorization. The vulnerability is due to insufficient validation during container restoration, allowing a malicious user to restore a pod without proper access to host mounts by exploiting the checkpoint restore process...
Cross-site Scripting (XSS)
Moodle is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient sanitization of data during the restore process, allowing malicious backup files to introduce XSS risks...
CVE-2024-6326
CVE-2024-6326 affects Rockwell Automation FactoryTalk System Service. The vulnerability arises from a lack of explicit permissions on the backup folder, allowing a local attacker who starts a backup/restore process to temporarily access sensitive data (private keys, passwords, pre‑shared keys, an...
CVE-2023-6573
HPE OneView may have a missing passphrase during restore...
Design/Logic Flaw
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use TOCTOU vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11...
PT-2023-2531 · Avg +1 · Avg Antivirus +1
Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 22.11 AVG Antivirus versions prior to 22.11 Description: The issue is related to a Time-of-check/Time-of-use TOCTOU vulnerability in the restore process, leading to arbitrary file creation. This vulnerability...
SUSE CVE-2012-0868
CRLF injection vulnerability in pgdump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQ...
Moodle 访问控制错误漏洞
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from inappropriate access restrictions in the process when restoring role...
Restore a deleted vCenter Server Appliance (VCSA) with High Availability (HA) enabled
Challenge You need to restore a vCenter Server Appliance VCSA with the original name and to the original location. Before the VCSA got corrupted or was deleted, High Availability HA was enabled in the VMware cluster. If HA remains active at the ESXi host level during the restore process, HA can...
Security update for apache2-mod_perl (moderate)
openSUSE Security Update: Security update for apache2-modperl Announcement ID: openSUSE-SU-2019:2558-1 Rating: moderate References: 1091625 1156944 Cross-References: CVE-2011-2767 Affected Products: openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that solves one vulnerability an...
Restoring GPT Disk to Incompatible Legacy BIOS System
Challenge After selecting a restore point during the bare metal restore configuration, the following message pops up: OS disk in backup uses GPT disk. This may cause boot issues on BIOS systems. If this is ignored and the restore process completes, the following may happen when the restored machi...
mysql: Incorrect input validation allowing code execution via mysqldump
It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...
mysql: Incorrect input validation allowing code execution via mysqldump
It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...
SandJacking Attack Puts iOS Devices At Risk to Rogue Apps
Apple has yet to patch a vulnerability disclosed during last week’s Hack in the Box hacker conference in Amsterdam that allows an attacker with physical access—even on the latest versions of iOS—to swap out legitimate apps with malicious versions undetected on the device. Researcher Chilik Tamir ...