CVE-2018-16850 - SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING.
PostgreSQL before versions 11.1, 10.6 is vulnerable to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.
RESTEasy: creation of insecure temp files
In RESTEasy the insecure File.createTempFile is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user...
SUSE CVE-2023-2602
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory...
CVE-2023-2455
A flaw was found in PostgreSQL, which could permit incorrect policies being applied in certain cases where role-specific policies are used and a given query is planned under one role and executed under other roles. This scenario can happen under security definer functions, or when a common user a...
PT-2023-3673 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.3.4 Description: An issue was discovered in the Linux kernel where ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length. This issue may allow a...
CVE-2023-1698
In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise...
grafana-pcp security and enhancement update
5.1.1-1 - update to 5.1.1 tagged upstream community sources, see CHANGELOG - resolve CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 5.0.0-4 - update to 5.0.0 tagged upstream community sources, see CHANGELOG - install plugin in /usr/share and create symlink from /var...
UBUNTU-CVE-2023-2602
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory...
SUSE CVE-2023-2455
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security...
PT-2023-22606 · Webkil · Webkul Qloapps
Name of the Vulnerable Software and Affected Versions: Webkil QloApps version 1.5.2 Description: A Cross Site Scripting issue allows a remote attacker to obtain sensitive information via the back and email create parameters in the AuthController.php file. Recommendations: For Webkil QloApps versi...
postgresql-server -- Row security policies disregard user ID changes after inlining
PostgreSQL Project reports While CVE-2016-2193 fixed most interaction between row security and user ID changes, it missed a scenario involving function inlining. This leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned...
PT-2023-2996 · Unknown +11 · Postgresql +10
Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: The issue is related to row security policies in PostgreSQL, which can be disregarded when user ID changes occur after inlining. This can lead to incorrect policies being applied,...
PT-2023-3148 · Unknown +11 · Postgresql +10
Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: The issue is related to a component of the PostgreSQL database management system, specifically the Schema Handler, which has inadequate access control. This can allow a remote attacker...
kernel: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent A user is able to configure an arbitrary number of rx queues when creating an interface via netlink. This doesn't work for child PKEY interfaces because the...
Wolf CMS 0.8.3.1 - Remote Code Execution Vulnerability
Exploit Title: Wolf CMS 0.8.3.1 - Remote Code Execution RCE Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://wolf-cms.readthedocs.io Software Link: https://github.com/wolfcms/wolfcms Version: 0.8.3.1 Tested on: Kali Linux Steps to Reproduce Firstly, go to the "Files" tab. Click on the...
PT-2023-3026 · Wago · Wago Cc100 +4
Name of the Vulnerable Software and Affected Versions: WAGO PFC100 versions =16 and =16 and =16 and =16 and =16 and =16 and =16 and =16 and =16 and =16 and =23, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to the device...
CVE-2022-47876
The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts...
PT-2023-2594 · Docker · Docker Desktop For Windows
Name of the Vulnerable Software and Affected Versions: Docker Desktop for Windows versions prior to 4.6.0 Description: The issue is related to a symlink attack on the hyperv/create dockerBackendV2 API, allowing attackers to overwrite any file by controlling the DataFolder parameter for...
CVE-2023-31043
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17,...