7 matches found
CVE-2020-26207
DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. The patch was released in v2.7.4.3. As a workaround, ensure .dbschema files from untrusted sources are not opened...
CVE-2020-26207
DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. The patch was released in v2.7.4.3. As a workaround, ensure .dbschema files from untrusted sources are not opened...
CVE-2020-26207
DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. The patch was released in v2.7.4.3. As a workaround, ensure .dbschema files from untrusted sources are not opened...
Code injection
DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. The patch was released in v2.7.4.3. As a workaround, ensure .dbschema files from untrusted sources are not opened...
CVE-2020-26207 Unsafe deserialization in DatabaseSchemaViewer
DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. The patch was released in v2.7.4.3. As a workaround, ensure .dbschema files from untrusted sources are not opened...
CVE-2020-26207
DatabaseSchemaViewer is affected by CVE-2020-26207: versions before 2.7.4.3 allow arbitrary code execution when a user opens a crafted .dbschema file. Root cause is unsafe deserialization triggered by loading the malicious file. The vendor patch is available in v2.7.4.3. As a workaround, avoid op...
Arbitrary Code Execution
DatabaseSchemaViewer is vulnerable to arbitrary code execution. An attacker is able to obtain arbitrary code execution when a user is tricked into opening a malicious .dbschema file...