23 matches found
CVE-2026-27728
OneUptime prior to v10.0.7 contains an OS command injection vulnerability in NetworkPathMonitor.performTraceroute() that allows an authenticated project user to inject shell metacharacters into a monitor destination, enabling arbitrary commands on the Probe server. Affected version: before 10.0.7...
CVE-2026-27728 OneUptime: OS Command Injection in Probe NetworkPathMonitor via unsanitized destination in traceroute exec()
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.7, an OS command injection vulnerability in NetworkPathMonitor.performTraceroute allows any authenticated project user to execute arbitrary operating system commands on the Probe server by injecting shell...
CVE-2019-18356
An XSS issue was discovered in Thycotic Secret Server before 10.7 issue 1 of 2...
Linux Distros Unpatched Vulnerability : CVE-2022-27382
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Itemfield::usedtables/updatedependmapfororder. CVE-2022-27382 No...
BIT-MARIADB-MIN-2022-31621
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dsxbstream.cc, when an error occurs streamctxt-destfile == NULL while executing the method xbstreamopen, the held lock is not released correctly, which allows local users to trigger a denial of service due to the...
[R1] Nessus Agent Version 10.7.4 Fixes One Vulnerability
R1 Nessus Agent Version 10.7.4 Fixes One Vulnerability Arnie Cabral Wed, 04/02/2025 - 11:12 When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.7.4 did not enforce secure permissions for sub-directories. This could allow for local privilege...
mariadb: server crash in Item_args::walk_args
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemargs::walkargs...
mariadb: segmentation fault in Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exectimetracker::getloops/Filesorttracker::reportuse/filesort...
DEBIAN-CVE-2022-32091
MariaDB v10.7 was discovered to contain an use-after-poison in in interceptormemset at /libsanitizer/sanitizercommon/sanitizercommoninterceptors.inc...
MariaDB 安全漏洞
MariaDB is a database management system from the Mariadb Foundation and a version of the MySQL branch that uses the Maria storage engine. A denial of service vulnerability exists in versions of MariaDB Server prior to 10.7, which stems from the execution of the logstatementex method, the...
MariaDB 安全漏洞
MariaDB is the database management system of the Mariadb Foundation and a version of the MySQL branch that uses the Maria storage engine. a denial of service vulnerability exists in versions of MariaDB Server prior to 10.7, which originates in extra/mariabackup/dscompress.cc, and can be exploited...
ALPINE-CVE-2022-27386
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sqlclass.cc...
MariaDB SQL注入漏洞
MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB Server v10.7 and lower, which stems from the discovery of a segmentation error contained via the compone...
CVE-2021-33207
The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an HTTP response with a 570 status code...
McAfee Endpoint Security Code Issue Vulnerability (CNVD-2020-66090)
McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on....
McAfee Endpoint Security Elevation of Privilege Vulnerability (CNVD-2020-24141)
McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on...
Thycotic Secret Server Cross-Site Scripting Vulnerability (CNVD-2019-38074)
Thycotic Secret Server is a privileged account management solution from Thycotic USA. A cross-site scripting vulnerability exists in Thycotic Secret Server versions prior to 10.7. The vulnerability stems from the lack of proper validation of client-side data by the WEB application, and can be...
Symantec Messaging Gateway Elevation of Privilege Vulnerability (CNVD-2019-22205)
Symantec Messaging Gateway is a suite of spam filters from Symantec USA. The product features anti-spam, anti-virus, advanced content filtering and data leakage protection. A boost vulnerability exists in Symantec Messaging Gateway versions prior to 10.7.1. An attacker can exploit this...
CVE-2018-0528
Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors...
CVE-2018-10652
There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3...