3 matches found
CVE-2026-24013
CVE-2026-24013 describes an authentication bypass in Apache IoTDB due to insufficient validation of the sessionId in certain Thrift RPC query handlers. An attacker can forge a sessionId and, without openSession authentication, obtain valid query results, enabling unauthorized reading of time-seri...
Exploit for Command Injection in Vmware Aria_Operations_For_Networks
CVE-2023-20887 POC for CVE-2023-20887 VMWare Aria Operations f...
Metasploit Weekly Wrap up
Unauthenticated RCE in VMware Product This week, community contributor h00die added an exploit module that leverages a command injection vulnerability in VMWare Aria Operations for Networks, formerly known as vRealize Network Insight. Versions 6.2 to 6.10 are vulnerable CVE-2023-20887. A remote...