16 matches found
CVE-2026-59954
Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.2, Apollo ConfigService may allow unauthorized access to configuration data when AccessKey or management key authentication is enabled because ConfigService can accept a...
CVE-2026-59954
CVE-2026-59954 affects Apollo ConfigService. Before version 2.5.2, when AccessKey or management key authentication is enabled, the service may authorize access to configuration data via non-canonical appId variants that downstream handling resolves to the protected app (including accent-variant a...
PT-2026-60109
Summary Apollo ConfigService may allow unauthorized access to configuration data when AccessKey / management key authentication is enabled and ConfigService accepts a non-canonical appId variant during authentication while downstream request handling resolves it to the protected app. Details...
GHSA-2GR8-3WC7-XHJ3 social-auth-app-django affected by Improper Handling of Case Sensitivity
Impact Due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. Patches This issue has been addressed by https://github.com/python-social-auth/social-app-django/pull/566 and fix...
GHSA-QW9G-7549-7WG5 Directus has MySQL accent insensitive email matching
Password reset vulnerable to accent confusion The password reset mechanism of the Directus backend is implemented in a way where combined with specific, need to double check if i can work around configuration in MySQL or MariaDB. As such, it allows attackers to receive a password reset email of a...
SUSE CVE-2019-2393
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior t...
Mongodb Server Resource Management Error Vulnerability
Mongodb Server is the United States Mongodb company's set of open source NoSQL database . The database provides collection-oriented storage , dynamic query , data replication and automatic failover and other functions . A security vulnerability exists in MongoDB Server that originates from the...
CVE-2019-2393
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior t...
Design/Logic Flaw
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior t...
CVE-2019-2393
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior t...
UBUNTU-CVE-2019-2393
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior t...
CVE-2019-2393
Removed by vendor...
PT-2020-10893 · Mongodb +1 · Mongodb Server +2
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 4.2.1 MongoDB Server versions prior to 4.0.13 MongoDB Server versions prior to 3.6.15 Description: A user authorized to perform database queries may trigger denial of service by issuing specially crafted...
MongoDB 资源管理错误漏洞
Mongodb Server is the United States Mongodb company's set of open source NoSQL database . The database provides collection-oriented storage , dynamic query , data replication and automatic failover and other functions . A security vulnerability exists in MongoDB Server that originates from the...
FAQ: Recommended database collations for Citrix Products
What are the DB collations supported by different Citrix Products? Product| Collation that ends with ---|--- Virtual Apps and Desktops 7| CIASKS XenApp/Virtual Apps 6.5| CIASKS and CP1CIAS Provisioning 7| CP1CIAS Workspace Environment Management WEM| CIAI Session Recording| CIAS...
Freelance Cockpit CRM 3.3.1 SQL Injection
=========================================================================================== Exploit Title: Freelance Cockpit CRM - SQL Inj. Dork: N/A Date: 17-05-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.freelancecockpit.com/ Software Link: https://www.freelancecockpit.com...