8 matches found
openSUSE Security Advisory (SUSE-SU-2024:1340-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Metasploit Weekly Wrap-Up 04/19/24
Welcome Ryan and the new CrushFTP module It's not every week we add an awesome new exploit module to the Framework while adding the original discoverer of the vulnerability to the Rapid7 team as well. We're very excited to welcome Ryan Emmons to the Emergent Threat Response team, which works...
SUSE-SU-2024:1340-1 Security update for pgadmin4
This update for pgadmin4 fixes the following issues: - CVE-2024-2044: Fixed unsafe deserialization and Remote Code Execution by an authenticated user bsc1221172...
pgAdmin 8.3 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pgAdmin Session Deserialization RCE', 'Description' = %q pgAdmin versions = 8.3 have a path traversal vulnerability within their session manageme...
CVE-2024-2044
creationtimestamp| type| source ---|---|--- 2024-03-07 22:27:08+00:00| seen| https://t.me/ctinow/202843 2024-03-14 03:09:40+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10130 2024-04-16 21:37:56+00:00| seen|...
CVE-2024-2044
pgAdmin = 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on...
CVE-2024-2044 Unsafe Deserialisation and Remote Code Execution by an Authenticated user in pgAdmin 4
pgAdmin = 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on...
CVE-2024-2044
CVE-2024-2044 affects pgAdmin4