3914 matches found
The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.
The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Gorse < 0.5.10 - Unauthenticated Database Dump
Gorse 0.5.10 contains an authentication bypass caused by empty adminapikey in /api/dump and /api/restore endpoints, letting unauthenticated remote attackers access and modify protected data, exploit requires default empty adminapikey configuration. id: CVE-2026-56782 info: name: Gorse 0.5.10 -...
MSNSwitch Firmware MNT.2408 - Authentication Bypass
MSNSwitch Firmware MNT.2408 is susceptible to authentication bypass in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh. An attacker can arbitrarily configure settings, leading to possible remote code execution and subsequent unauthorized operations. id: CVE-2022-32429 info: name:...
Linux Distros Unpatched Vulnerability : CVE-2026-53449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argumen...
CVE-2026-53449
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...
CVE-2026-53449 Coturn: Arbitrary File Write via CLI psd Command
Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...
kernel: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()
A flaw was found in the Linux kernel's nfnetlinkcthelper component. This vulnerability, an out-of-bounds read, occurs in the nfnlcthelperdumptable function when a network connection tracking helper is removed during a dump operation, leading to a bypassed bounds check. A local attacker could...
kernel: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()
A flaw was found in the Linux kernel's nfnetlinkcthelper component. This vulnerability, an out-of-bounds read, occurs in the nfnlcthelperdumptable function when a network connection tracking helper is removed during a dump operation, leading to a bypassed bounds check. A local attacker could...
PYSEC-2026-972 Core dump when loading TFLite models with quantization in TensorFlow
Impact Certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling. Thus, since code was calling...
DEBIAN-CVE-2026-14790
A flaw has been found in GPAC 26.02.0. This affects the function nhmldumpsendframe of the file src/filters/writenhml.c of the component Media File Handler. Executing a manipulation can lead to null pointer dereference. The attack requires local access. The exploit has been published and may be...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the process that handles repository dump creation, which uses release tag names and asset names as filesystem path components. An attacker can manipulate file system paths by providing specially crafted release t...
CVE-2026-28705
Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths...
CVE-2026-28705
Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths...
EUVD-2026-41641
Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths...
CVE-2026-28705 Gitea repository dumps write release assets using unsafe path names
Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths...
SUSE CVE-2026-53097
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in mt7996coredumpunregister. However, the work item dumpwork may still be running or pending,...
PT-2026-55606
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software uses release tag names and asset names as filesystem path components during the process of dumping release assets. This behavior allows specially crafted names to manipulate the resulting...
GHSA-227R-JM2G-7CP4 Steeltoe's sensitive actuators (heapdump/env) only require Restricted permission
Summary All Steeltoe actuator endpoints default to EndpointPermissions.Restricted, which is mapped to Cloud Foundry's readbasicdata permission granted to Space Auditors and similar low-trust roles. Sensitive actuators including heap dump, environment, and thread dump do not raise this to...
Linux Distros Unpatched Vulnerability : CVE-2026-54502
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer...
postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory
A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...