Lucene search
K

1987 matches found

OSV
OSV
added 2021/06/02 1:15 p.m.2 views

CVE-2021-23894

Deserialization of untrusted data vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server...

8.8CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2021/06/02 1:5 p.m.60 views

CVE-2021-23895

CVE-2021-23895 describes a deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2. A remote authenticated attacker can abuse a crafted Java serialized object sent to the DBSec server to spawn a reverse shell with administrator privileges. Affected compo...

9CVSS7.7AI score0.0187EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/02 1:5 p.m.16 views

CVE-2021-23894 Unauthorized deserialization of untrusted data in McAfee DBSec

Deserialization of untrusted data vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server...

9.6CVSS9.5AI score0.02242EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/02 12:0 a.m.2 views

SQL Injection Vulnerability in CRM E4/Standard Edition of Pengwei Software Corporation (CNVD-2021-42784)

Pengwei Software Co., Ltd. is a static transportation system solution provider. A SQL injection vulnerability exists in the CRM E4/Standard Edition of Pengwei Software Corporation, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
CNNVD
CNNVD
added 2021/06/02 12:0 a.m.2 views

Mcafee Database Security Server 安全漏洞

Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A...

4.5CVSS5.6AI score0.00204EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/02 12:0 a.m.5 views

Mcafee Database Security Server 代码问题漏洞

Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A code...

9CVSS5.8AI score0.0187EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/02 12:0 a.m.4 views

Mcafee Database Security Server 代码问题漏洞

Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A code...

10CVSS5.8AI score0.02242EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/06/02 12:0 a.m.4 views

PT-2021-15596 · Mcafee · Mcafee Database Security

Name of the Vulnerable Software and Affected Versions: McAfee Database Security versions prior to 4.8.2 Description: The issue allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent...

10CVSS9.1AI score0.02242EPSS
Exploits0References3
CVE
CVE
added 2021/06/01 1:31 p.m.77 views

CVE-2021-3515

CVE-2021-3515 corresponds to a shell-injection flaw in the pglogical extension for PostgreSQL. Affected versions are before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges can craft a database name that enables execution of shell commands as the postgresql user during pglogical.crea...

7.2CVSS6.7AI score0.0046EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/06/01 12:0 a.m.2 views

BlueCMS suffers from SQL injection vulnerability (CNVD-2021-42353)

BlueCMS is a professional local portal system developed by open source combination of PHP + MYSQL, focusing on local portal CMS. BlueCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.6AI score
Exploits0
CNVD
CNVD
added 2021/05/30 12:0 a.m.3 views

SQL Injection Vulnerability in Ricochet Cloud Group Live Code Management System (CNVD-2021-40236)

RikerCloud live code management system is an open source, free, live code system that can be operated online to improve efficiency, get more resources and so on. A SQL injection vulnerability exists in the Ricochet Cloud Live Code Management System. An attacker can exploit this vulnerability to...

7.8AI score
Exploits0
CNVD
CNVD
added 2021/05/26 12:0 a.m.3 views

SQL Injection Vulnerability in Disk Enterprise LCMS (CNVD-2021-40145)

Pan Enterprise LCMS is a WEB application development system. A SQL injection vulnerability exists in Pan Enterprise LCMS, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/05/26 12:0 a.m.2 views

SQL Injection Vulnerability in Wujia Network Backend Management Platform

Wujia Networks is an Internet high-tech enterprise focusing on software and hardware technology research and development. SQL injection vulnerability exists in the background management platform of Wujia Network, which can be exploited by attackers to obtain sensitive information in the database...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/05/26 12:0 a.m.1 views

SQL Injection Vulnerability in PatrolFlow Multiservice Security Gateway Intelligent Management Platform (CNVD-2021-40138)

Beijing Byzoro Network Technology Co., Ltd. is a high-tech enterprise dedicated to building the next-generation secure Internet. PatrolFlow Multi-service Security Gateway Intelligent Management Platform suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain...

7.7AI score
Exploits0
CVE
CVE
added 2021/05/20 1:15 a.m.91 views

CVE-2021-20720

KonaWiki2 is affected by CVE-2021-20720: SQL injection in versions prior to 2.2.4 that allows remote attackers to execute arbitrary SQL commands and obtain/alter data in the application database via unspecified vectors. The vulnerability stems from insufficient input cleansing in KonaWiki2 prior ...

9.8CVSS9.7AI score0.01317EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/05/20 12:0 a.m.5 views

SQL Injection Vulnerability in Rainy Novel cms 1.3.2

Wild Rain Fiction cms hereinafter referred to as KYXSCMS is a content management system that provides a lightweight fiction website solution based on ThinkPHP 5.1 MySQL technology. A SQL injection vulnerability exists in Drizzle Novel cms 1.3.2, which can be exploited by attackers to obtain...

7.7AI score
Exploits0
CNVD
CNVD
added 2021/05/19 12:0 a.m.3 views

SQL Injection Vulnerability in Jacko Web Design Studio Website Building System (CNVD-2021-39106)

Jacko Web Design Studio is an integrated communication agency with services such as website construction, graphic design and advertising production. A SQL injection vulnerability exists in the website building system of Jacko Web Design Studio. An attacker can exploit this vulnerability to obtain...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/05/18 12:0 a.m.3 views

FangfaCMS suffers from SQL injection vulnerability (CNVD-2021-39291)

Method Digital Web Content Management System FangfaCms is an enterprise-level PHPCMS website management system. FangfaCMS suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.7AI score
Exploits0
CNVD
CNVD
added 2021/05/18 12:0 a.m.5 views

SQL Injection Vulnerability in Fish Leap CMS

FishLeap CMS is a content management system specifically geared towards enterprise applications. A SQL injection vulnerability exists in Fishy CMS, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/05/17 12:0 a.m.1 views

SQL Injection Vulnerability in SEMCMS SCSHOP (CNVD-2021-38037)

SCSHOP is a self-developed open source online store btc system. SEMCMS SCSHOP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.8AI score
Exploits0
Rows per page
Query Builder