Lucene search
+L

8 matches found

openvas
openvas
added 2024/04/23 12:0 a.m.16 views

openSUSE Security Advisory (SUSE-SU-2024:1340-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS9.5AI score0.79326EPSS
Exploits4References4
rapid7blog
rapid7blog
added 2024/04/19 6:42 p.m.61 views

Metasploit Weekly Wrap-Up 04/19/24

Welcome Ryan and the new CrushFTP module It's not every week we add an awesome new exploit module to the Framework while adding the original discoverer of the vulnerability to the Rapid7 team as well. We're very excited to welcome Ryan Emmons to the Emergent Threat Response team, which works...

7.5CVSS9.8AI score0.81801EPSS
Exploits13
osv
osv
added 2024/04/18 1:4 p.m.5 views

SUSE-SU-2024:1340-1 Security update for pgadmin4

This update for pgadmin4 fixes the following issues: - CVE-2024-2044: Fixed unsafe deserialization and Remote Code Execution by an authenticated user bsc1221172...

9.9CVSS7.4AI score0.79326EPSS
Exploits4References3
packetstorm
packetstorm
added 2024/04/17 12:0 a.m.718 views

pgAdmin 8.3 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pgAdmin Session Deserialization RCE', 'Description' = %q pgAdmin versions = 8.3 have a path traversal vulnerability within their session manageme...

9.9CVSS7.4AI score0.79326EPSS
Exploits4
circl
circl
added 2024/03/07 10:27 p.m.23 views

CVE-2024-2044

creationtimestamp| type| source ---|---|--- 2024-03-07 22:27:08+00:00| seen| https://t.me/ctinow/202843 2024-03-14 03:09:40+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10130 2024-04-16 21:37:56+00:00| seen|...

9.9CVSS8.6AI score0.79326EPSS
Exploits4References3
nvd
nvd
added 2024/03/07 9:15 p.m.19 views

CVE-2024-2044

pgAdmin = 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on...

9.9CVSS9.8AI score0.79326EPSS
Exploits4References3
vulnrichment
vulnrichment
added 2024/03/07 8:48 p.m.28 views

CVE-2024-2044 Unsafe Deserialisation and Remote Code Execution by an Authenticated user in pgAdmin 4

pgAdmin = 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on...

9.9CVSS7.5AI score0.79326EPSS
Exploits4References3
cve
cve
added 2024/03/07 8:48 p.m.153 views

CVE-2024-2044

CVE-2024-2044 affects pgAdmin4

9.9CVSS9.7AI score0.79326EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder