13 matches found
EUVD-2018-3209
Malware in sbrugna...
EUVD-2025-22652
Malicious code in bioql PyPI...
CVE-2025-8715
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...
CVE-2025-38431
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that their backup/copy tools started to fail when the directory being copied contained symlink targets that the client couldn't parse - even...
CVE-2025-38431 smb: client: fix regression with native SMB symlinks
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that their backup/copy tools started to fail when the directory being copied contained symlink targets that the client couldn't parse - even...
CVE-2025-38431
The CVE-2025-38431 entry concerns the Linux kernel SMB client regression related to native SMB symlinks. The available connected document details indicate the vulnerability was addressed by restoring the ability of the client to perform lstat(2) and readlink(2) operations even when the symlink ta...
CVE-2023-28630 Sensitive information disclosure possible on misconfigured failed backups of non-H2 databases in gocd
GoCD is an open source continuous delivery server. In GoCD versions from 20.5.0 and below 23.1.0, if the server environment is not correctly configured by administrators to provide access to the relevant PostgreSQL or MySQL backup tools, the credentials for database access may be unintentionally...
CVE-2023-28630
CVE-2023-28630 affects GoCD versions 20.5.0 through 23.1.0. When backups are enabled but the server cannot access the required backup binaries (pg_dump for PostgreSQL or mysqldump for MySQL), a failure to launch the backup utility can leak the plaintext database password in admin alerts. The flaw...
CVE-2023-28630 Sensitive information disclosure possible on misconfigured failed backups of non-H2 databases in gocd
GoCD is an open source continuous delivery server. In GoCD versions from 20.5.0 and below 23.1.0, if the server environment is not correctly configured by administrators to provide access to the relevant PostgreSQL or MySQL backup tools, the credentials for database access may be unintentionally...
PT-2023-21862
Name of the Vulnerable Software and Affected Versions: GoCD versions 20.5.0 through 23.1.0. Description: The issue arises when the server environment is not correctly configured to provide access to the relevant PostgreSQL or MySQL backup tools, potentially leaking database access credentials to...
Hyper-V hosts crash in csvfs.sys in Windows Server 2012 R2
Symptoms: Windows Server 2012 R2 Hyper-V hosts may crash in the csvfs.sys file process when you perform backup with certain backup applications. Cause: This issue occurs if a backup solution sends the CsvControlQueryFileRevision request on ...
Apple Legacy filevault barn door...
As someone said here recently, carefully built crypto has an unfortunate tendency to consist of three thick impregnable walls and a picket fence in the back with the gate left open. That seems to have happened to Apple's older "legacy" Filevault in the current release of Mac OS X Lion 10.7.3...
Design/Logic Flaw
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to...