103 matches found
CVE-2026-48190
An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has to be used to be affected. This issue affects OTRS: 7.0.X...
Exploit for Missing Authentication for Critical Function in Veeam Veeam_Backup_\&_Replication
CVE-2023-27532 - Veeam Backup & Replication Vulnerability...
EUVD-2019-15714
Malware in sbrugna...
EUVD-2021-21373
Malware in sbrugna...
EUVD-2025-22075
Malicious code in bioql PyPI...
EUVD-2022-43067
Malicious code in bioql PyPI...
MB CONNECT LINE mbNET.mini SQL Injection Vulnerability
The mbNET.mini from MB CONNECT LINE is an industrial router designed for industrial scenarios and is primarily used to enable secure remote connections to machines and systems. MB CONNECT LINE mbNET.mini suffers from a SQL injection vulnerability that stems from improper neutralization of special...
CVE-2025-41678
A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement...
CVE-2025-41678
A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement...
CVE-2025-41678
A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement...
CVE-2025-41678 SQL Injection via POST Requests Allowing Configuration Database Manipulation
A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement...
CVE-2025-41678
CVE-2025-41678 is described as a SQL injection vulnerability that allows a high-privileged remote attacker to alter the configuration database via POST requests. Connected sources indicate affected devices in the Helmholz Rex100/mbNET.mini family with versions prior to 2.3.3 (fixed in 2.3.3). Mit...
CVE-2025-41678 SQL Injection via POST Requests Allowing Configuration Database Manipulation
A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL statement...
MB Connect Line mbNET.mini 注入漏洞
The mbNET.mini from MB CONNECT LINE is an industrial router designed for industrial scenarios and is primarily used to enable secure remote connections to machines and systems. MB CONNECT LINE mbNET.mini suffers from a SQL injection vulnerability that stems from improper neutralization of special...
PT-2025-30254 · Helmholz +1 · Rex100 +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL...
Upgrading the PostgreSQL Database Engine Software Used by Veeam Backup for Microsoft 365
Support Scope This article is provided as a courtesy to give customers a high-level explanation of how to upgrade the underlying PostgreSQL database engine used to host the Veeam Backup for Microsoft 365 configuration database. Per the Veeam Customer Support Policy, section 10: Support for Veeam...
CVE-2022-3710
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3711
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA...
CVE-2019-6147
Forcepoint NGFW Security Management Center SMC versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next...
"Database connection settings for the Microsoft Entra ID backup repository cannot be found."
If you are encountering this error after recently upgrading to Veeam Backup & Replication 12.3, and that upgrade failed on the first attempt, and you attempted the upgrade a second time, please review the section discussing "For Customers Who Ran the Upgrade a Second Time and It Succeeded" on...