537 matches found
CVE-2023-52969
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a mismatch between the nftables denial field length and the aggregate key length...
CVE-2024-12700 Tibbo AggreGate Network Manager Unrestricted Upload of File with Dangerous Type
There is an unrestricted file upload vulnerability where it is possible for an authenticated, low-privileged user to upload a JSP shell and execute code with the privileges of the user running the web server...
CVE-2024-12700
CVE-2024-12700 relates to Tibbo AggreGate Network Manager. The provided documents identify an unrestricted file upload vulnerability in the UploaderTempFileController (Tibbo Aggregate Network Manager) that allows an authenticated, low-privileged user to upload a JSP shell and execute arbitrary co...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems (ICS) advisories on December 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS: ICSA-24-354-01 Hitachi Energy RTU500 series CMU; ICSA-24-354-02 Hitachi Energy SDM600...
Tibbo Aggregate Network Manager UploaderTempFileController Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tibbo Aggregate Network Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the UploaderTempFileController class. The issue results from the lack of...
PT-2024-17717 · Tibbo · Tibbo Aggregate Network Manager
Name of the Vulnerable Software and Affected Versions: Tibbo AggreGate Network Manager (affected versions not specified). Description: The issue is related to an unrestricted file upload vulnerability. This allows an authenticated user with low privileges to upload a JSP shell, which can then execut...
Tibbo AggreGate Network Manager Code Issue Vulnerability
Tibbo AggreGate Network Manager is a network monitoring and IT management platform from Tibbo. A code issue vulnerability exists in Tibbo AggreGate Network Manager version 6.34.02 and prior versions, which stems from an unrestricted file upload. An attacker can use this vulnerability to upload a...
PostgreSQL Memory disclosure in aggregate function calls (CVE-2023-5868)
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
Malicious code in aggregate-rose-booby (npm)
--- -= Per source details. Do not edit below this line.=-...
ManageEngine ADAudit Plus < Build 8000 Multiple Vulnerabilities
The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8000. It is, therefore, affected by multiple vulnerabilities. - Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module. CVE-2024-5556 -...
CVE-2024-5490
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option...
CVE-2024-5490 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option...
CVE-2024-5490
CVE-2024-5490 affects Zohocorp ManageEngine ADAudit Plus versions below 8000. An authenticated SQL injection vulnerability exists in the aggregate reports option due to improper query handling, with high impact (C/I/A) per listed CVSS metrics. Affected part: aggregate reports functionality. Explo...
PT-2024-36432 · Zohocorp · Zoho Manageengine Adaudit Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8000. Description: The issue concerns an authenticated SQL injection vulnerability in the aggregate reports option. This vulnerability can be exploited by authenticated users, potentially leadi...
ManageEngine ADAudit Plus < Build 8003 Multiple Vulnerabilities
The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8003. It is, therefore, affected by multiple vulnerabilities. - Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option...
CVE-2024-36034
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option...