41 matches found
EUVD-2025-209437
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...
CVE-2025-7389
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...
CVE-2025-7389
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...
CVE-2025-7389
CVE-2025-7389 describes a vulnerability in the OpenEdge AdminServer component where authenticated users could gain OS-level access and read arbitrary host files via misused methods exposed through the RMI interface, specifically the prototypes like setFile() and openFile() . The issue hinges on t...
CVE-2025-7389 Unauthorized Arbitrary File Read via RMI in AdminServer Interface
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...
PT-2026-32624
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...
Progress OpenEdge 安全漏洞
Progress OpenEdge is an enterprise-level application development and database management platform provided by the American company Progress. There is a security vulnerability in Progress OpenEdge, which stems from improper authorization in the AdminServer component. This vulnerability could allow...
Apache ZooKeeper 3.9.x < 3.9.4 Improper Permission Check
The version of Apache ZooKeeper listening on the remote host is 3.9.x prior to 3.9.4. It is, therefore, affected by an improper permission check vulnerability: - Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore commands with insufficient...
Security Bulletin: Improper Permission Check in Apache ZooKeeper AdminServer Allows Unauthorized Snapshot and Restore Operations, affects watsonx.data
Summary Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue c...
ROS-20251223-7314
A vulnerability in the Snapshot/Restore commands of the AdminServer component of the centralized service for maintaining configuration information, naming, providing distributed synchronization, and provisioning Apache ZooKeeper group services is related to incorrect handling of insufficient...
Improper Permission Checks
Apache ZooKeeper is vulnerable to improper permission checks. The vulnerability is due to insufficient authorization validation in the AdminServer, allowing authorized clients to execute snapshot and restore commands without proper permissions...
EUVD-2025-30955
Malicious code in bioql PyPI...
EUVD-2025-26702
Malicious code in bioql PyPI...
Progress OpenEdge 12.2.x < 12.2.18 / 12.8.x < 12.8.9 RCE (000288507)
The version of Progress OpenEdge installed on the remote host is 12.2.x prior to 12.2.18, or 12.8.x prior to 12.8.9. It is, therefore, affected by a remote code execution vulnerability as referenced in the 000288507 advisory. - It was possible to perform Remote Command Execution RCE via Java RMI...
Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands
Improper permission checks in the AdminServer allow an authenticated client with insufficient privileges to invoke the snapshot and restore commands. The intended requirement is authentication and authorization on the root path / with ALL permission for these operations; however, affected version...
DEBIAN-CVE-2025-58457
Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...
CVE-2025-58457
Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...
CVE-2025-58457
Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...
UBUNTU-CVE-2025-58457
Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...
CVE-2025-58457
Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...