1036 matches found
The vulnerability of the WebSockets API component of the CodeMeter license control application allows a perpetrator to gain unauthorized access to modify or create license files for CmActLicense.
The vulnerability of the WebSockets API of the CodeMeter license control application is related to a data source confirmation error. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to modify or create CmActLicense license files...
DEBIAN-CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the fdir attribute in the data source name DSN. NOTE: this issue exists because of an incomplete fix for CVE-2014-10401...
AZL-41925 CVE-2014-10402 affecting package perl-DBI for versions less than 1.632-1
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the fdir attribute in the data source name DSN. NOTE: this issue exists because of an incomplete fix for CVE-2014-10401...
ALPINE-CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the fdir attribute in the data source name DSN. NOTE: this issue exists because of an incomplete fix for CVE-2014-10401...
CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the fdir attribute in the data source name DSN. NOTE: this issue exists because of an incomplete fix for CVE-2014-10401...
PT-2020-6752 · Dbi +5 · Dbi +5
Name of the Vulnerable Software and Affected Versions: DBI module through 1.643 for Perl Description: The issue is related to the DBI module for Perl, where the DBD::File drivers can open files from folders other than those specifically passed via the f dir attribute in the data source name DSN...
Arbitrary File Read
github.com/grafana/grafana is vulnerable to arbitrary file read. Lack of proper handling of MySQL data source connection string allows an authenticated user having privilege to modify the configuration to read arbitrary files...
Grafana Arbitrary File Read Vulnerability
Grafana is an open source, feature-rich metrics dashboard and graphical editor supporting Graphite, Elasticsearch, OpenTSDB, Prometheus, and InfluxDB. An arbitrary file read vulnerability exists in Grafana 6.4.3 and earlier versions. An attacker who has the right to modify the configuration of a...
CVE-2019-19499
Grafana has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
CVE-2019-19499
Grafana = 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
CVE-2019-19499
Grafana = 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
Arbitrary file deletion
Grafana = 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
CVE-2019-19499
Grafana = 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
CVE-2019-19499
Grafana = 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
CVE-2019-19499
Grafana
CVE-2020-24616
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP...
UBUNTU-CVE-2020-24616
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP...
Description of the security update for SharePoint Server 2019: July 14, 2020
Description of the security update for SharePoint Server 2019: July 14, 2020 Note: After you install this update, the default setting for a trusted data source and trusted content locations in PerformancePoint Services will change from trust all to trust none. For more information, see KB 4571413...
CVE-2020-12725
Havoc Research discovered an authenticated Server-Side Request Forgery SSRF via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding...
Server side request forgery (ssrf)
Havoc Research discovered an authenticated Server-Side Request Forgery SSRF via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding...