7 matches found
Cloud Attack Surface Management Mapping 101
Before an attacker launches an assault, they do their homework. Their first step is to meticulously map your digital footprint, searching for the path of least resistance—an exposed database, an unpatched server, or a forgotten subdomain. The reality is that your attack surface is already being...
CVE-2024-25605
The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions grants guest users view permission to web content templates by default, which allows remote attacke...
AZL-35111 CVE-2024-0985 affecting package postgresql for versions less than 16.3-1
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The...
Smartbi has a flawed logic vulnerability
Smartbi is the business intelligence BI and data analytics brand of Guangzhou Sematic Software Co. Smartbi has a logic flaw vulnerability that can be exploited by an attacker to view and modify sensitive system configuration information...
Chun technical blog team easy enterprise show integration 70C scene show source code system has unauthorized access vulnerability
Chun brother technology blog team is committed to sharing station building technology, micro letter development technology, custom development business source code system, custom development enterprise website, is a service small and medium-sized webmaster enterprise technology-based independent...
Shenzhen with the world Technology Co., Ltd. station building system with ultraviolet access vulnerability
Shenzhen with the world technology limited company is a travel agency SaaS intelligent management system research and development, sales and the establishment of industry data center as one of the new Internet enterprises. Shenzhen with the world Technology Co., Ltd. building system there is an...
Inso DynaWeb HTTPd 3.1/4.0.2/4.1 - Format String
// source: https://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely exploitable format-string...