192 matches found
SUSE CVE-2025-59163
vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE...
EUVD-2002-1634
Malware in sbrugna...
The vulnerability of the LDAP authentication configuration in Server Mode of the pgAdmin 4 database management tool allows a hacker to bypass security restrictions and gain unauthorized access to protected information.
The vulnerability of the LDAP authentication configuration in the Server Mode mode of the pgAdmin 4 database management tool is related to improper session fixation due to incorrect access control. Exploiting this vulnerability can allow an attacker to bypass security restrictions and gain...
ROS-20250703-01
Vulnerability in Server Mode LDAP authentication configuration of database management tool pgAdmin 4 is related to incorrect session commit as a result of improper access delimitation. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the security restrictions...
VulnCheck KEV: CVE-2023-47105
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...
CVE-2023-47105
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...
OESA-2025-1397 openvpn security update
OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...
OESA-2025-1396 openvpn security update
OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...
DEBIAN-CVE-2025-2704
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...
CVE-2025-2704
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...
CVE-2024-42452
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability...
CVE-2023-1907
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...
UBUNTU-CVE-2023-1907
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...
CVE-2023-1907 Pgadmin: users authenticated simultaneously via ldap may be attached to the wrong session
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...
pgAdmin 安全漏洞
pgAdmin is pgAdmin open source an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin that stems from the fact that a user logged into pgAdmin running in server mode using LDAP authentication may attach to another...
SUSE CVE-2023-1907
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...
Vulnerabilities fixed in Veeam Backup & Replication
Veeam has fixed vulnerabilities in Veeam Backup & Replication. The vulnerabilities in Veeam Backup & Replication allow low-privileged users to remotely execute code, extract stored credentials in plain text, launch an agent in server mode, manipulate configurations within the virtual...
OS Command Execution
github.com/chaosblade-io/chaosblade is vulnerable to OS Command Execution. The vulnerability is due to the lack of authentication when using the cmd parameter in the exec.CommandContext function in server mode. It allows an attacker to execute arbitrary OS commands on the server without...
GHSA-723H-X37G-F8QM Chaosblade vulnerable to OS command execution
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...
Chaosblade vulnerable to OS command execution
exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...