Devolutions Remote Desktop Manager 安全漏洞

Devolutions Remote Desktop Manager is an application from Devolutions Canada Inc. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2024.3.17 and prior versions, which stems from incorrect authentication in SQL data...

CVE-2024-52342

creationtimestamp| type| source ---|---|--- 2024-11-19 00:04:58+00:00| seen| https://t.me/cvedetector/11402 2025-09-25 00:36:28+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

The vulnerability of the libpq component in the PostgreSQL database management system allows attackers to circumvent existing security restrictions and execute a type of “man-in-the-middle” attack.

The vulnerability of the libpq component in the PostgreSQL database management system is related to the use of an unreliable data source. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and carry out a “man-in-the-middle” type attack...

The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a data source confirmation error during the processing of the resource://pdf.js path. Exploiting this vulnerability can allow an attacker to bypass security restrictions and gai...

The vulnerability in the CORS mechanism of Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to bypass security restrictions.

The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a data source confirmation error. Exploiting this vulnerability can allow an attacker to bypass security restrictions remotely...

CVE-2024-39719

creationtimestamp| type| source ---|---|--- 2024-10-31 21:57:42+00:00| seen| https://t.me/cvedetector/9536 2025-05-09 01:00:08+00:00| published-proof-of-concept| Telegram/Pmh7GqPqZEp7yCoSKiYzNwDev9YVek893setQPVdRhEh4RI 2025-09-24 00:43:16+00:00| seen| MISP/9e6b1b0e-5fb2-46d6-9aaf-7c64a1324e40...

CVE-2024-40855

creationtimestamp| type| source ---|---|--- 2024-10-28 21:24:10+00:00| seen| None...

CVE-2024-10433

creationtimestamp| type| source ---|---|--- 2024-10-28 01:56:28+00:00| seen| https://t.me/cvedetector/9079 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:30+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...

CVE-2024-10411

creationtimestamp| type| source ---|---|--- 2024-10-27 06:42:18+00:00| seen| https://t.me/cvedetector/9050 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:32+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...

CVE-2024-46997

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...

CVE-2024-46997 DataEase's H2 datasource has a remote command execution risk

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...

Citrix Director - Troubleshoot Monitor data source errors

Director reports Monitor data source errors...

PT-2024-32329 · Dataease · Dataease

Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 2.10.1 Description: The issue allows an attacker to achieve remote command execution by adding a carefully constructed h2 data source connection string. This can be done by sending a POST request to the...

CVE-2024-20317

creationtimestamp| type| source ---|---|--- 2024-09-11 19:32:54+00:00| seen| https://t.me/cvedetector/5405...

CVE-2022-4529

creationtimestamp| type| source ---|---|--- 2024-09-05 13:50:23+00:00| seen| https://t.me/cvedetector/4901...

OPENSUSE-SU-2024:0274-1 Security update for cacti, cacti-spine

This update for cacti, cacti-spine fixes the following issues: - cacti 1.2.27: CVE-2024-34340: Authentication Bypass when using using older password hashes boo1224240 CVE-2024-25641: RCE vulnerability when importing packages boo1224229 CVE-2024-31459: RCE vulnerability when plugins include files...

CVE-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

CVE-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

CVE-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

CVE-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...