Lucene search
K

11 matches found

BDU FSTEC
BDU FSTEC
added 2025/06/04 12:0 a.m.5 views

The vulnerability of the Microsoft Dataverse data management platform, which arises from incorrect handling of insufficient permissions or privileges, allows a perpetrator to escalate their privileges.

The vulnerability of the Microsoft Dataverse data management platform is related to the improper handling of insufficient permissions or privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

8.5CVSS7.7AI score0.00755EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/04/28 12:0 a.m.5 views

The vulnerability of the Microsoft Dataverse data management platform, related to deficiencies in deserialization mechanisms, allows attackers to execute arbitrary code.

The vulnerability of the Microsoft Dataverse data management platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.7CVSS6AI score0.01246EPSS
Exploits0References3
CVE
CVE
added 2025/03/11 3:35 p.m.148 views

CVE-2025-27617

Pimcore is affected by a SQL injection in the getRelationFilterCondition path prior to version 11.5.4. Authenticated users can craft a filter string that leads to SQL injection, potentially exposing or modifying data. The issue is addressed by upgrading Pimcore to version 11.5.4 or newer. Documen...

8.8CVSS7.1AI score0.00449EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.4 views

The vulnerability of the Microsoft Dataverse data management platform, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.

The vulnerability of the Microsoft Dataverse data management platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow attackers to increase their privileges remotely...

8.7CVSS5.8AI score0.00762EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.4 views

The vulnerability of the SAP Master Data Governance data management platform lies in the absence of authentication procedures, which allow attackers to escalate their privileges and disclose protected information.

The vulnerability of the SAP Master Data Governance data management platform is related to the absence of authentication procedures. Exploiting this vulnerability can allow attackers to enhance their privileges and disclose sensitive information...

4.3CVSS5.5AI score0.00319EPSS
Exploits0References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/02 7:51 p.m.84 views

Security Bulletin: IBM Data Management Platform for EDB Postgres Standard is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary IBM Data Management Platform for EnterpriseDB EDB Postgres Standard contains a component called EDB Failover Manager EFM and uses a version of Apache Log4j that impacts high availability in EDB. The upgraded EFM product contains Apache Log4j 2.17.1. Vulnerability Details CVEID:...

10CVSS1AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/02 7:47 p.m.48 views

Security Bulletin: IBM Data Management Platform for EDB Postgres Enterprise is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)

Summary IBM Data Management Platform for EnterpriseDB EDB Postgres Enterprise contains a component called EDB failover manager EFM and uses a version of log4j that impacts high availability in EDB. The upgraded EFM product contains Apache Log4j 2.17.1. Vulnerability Details CVEID: CVE-2021-45105...

10CVSS0.9AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/03 8:39 p.m.37 views

Security Bulletin: EDB PostreSQL with IBM, EDB Postgres Advanced Server with IBM, IBM Data Management Platform (Enterprise, Standard) are vulnerable to an SQL Injection (CVE-2021-23214)

Summary EDB PostreSQL with IBM and EDB Postgres Advanced Server with IBM are vulnerable to an SQL Injection Vulnerability Details CVEID: CVE-2021-23214 DESCRIPTION: PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements when the server is configur...

8.1CVSS7.4AI score0.01901EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2021/09/15 1:50 p.m.21 views

CVE-2021-39189 Observable Response Discrepancy in Lost Password Service

Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually...

5.3CVSS5.3AI score0.01243EPSS
Exploits0References4
ICS
ICS
added 2020/09/10 12:0 a.m.58 views

AVEVA Enterprise Data Management Web

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AVEVA Equipment: Enterprise Data Management Web Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL...

9.8CVSS9.9AI score0.02912EPSS
Exploits3References5
ICS
ICS
added 2017/08/08 12:0 a.m.46 views

OSIsoft PI Integrator

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: OSIsoft Equipment: PI Integrator Vulnerabilities: Cross-Site Scripting, Improper Authorization AFFECTED PRODUCTS The following versions of PI Integrator, a data management platform, are affected: PI Integrator for SAP...

9.8CVSS8AI score0.02341EPSS
Exploits0References3
Rows per page
Query Builder