14 matches found
EUVD-2024-41693
Malicious code in bioql PyPI...
CVE-2025-10452
Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents with high-level privileges...
CVE-2025-10452 Gotac|Statistical Database System - Missing Authentication
Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents with high-level privileges...
Amazon Linux 2 : pcp (ALAS-2024-2657)
The version of pcp installed on the remote host is prior to 4.3.2-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2657 advisory. A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP...
CVE-2024-45770
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...
CVE-2024-45770
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...
CVE-2024-45770 Pcp: pmpost symlink attack allows escalating pcp to root user
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...
CVE-2024-45770
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges...
K73522927: BIG-IP Appliance mode vulnerability CVE-2019-6633
Security Advisory Description When the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions. CVE-2019-6633 Impact This vulnerability allows the attacker to exploit the system with high-level...
CVE-2022-41214
Due to insufficient input validation, SAP NetWeaver Application Server ABAP and ABAP Platform allows an attacker with high level privileges to use a remote enabled function to delete a file which is otherwise restricted. On successful exploitation an attacker can completely compromise the integri...
F5 BIG-IP TMUI Remote Command Execution Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A remote command execution vulnerability exists in the F5 BIG-IP TMUI, which can be exploited by an authenticated attacker wi...
F5 Networks BIG-IP : BIG-IP Appliance mode vulnerability (K11330536)
When the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions. CVE-2019-6635 Impact BIG-IP This vulnerability allows local attackers with high-level privileges to overwrite arbitrary files. This...
F5 Networks BIG-IP : BIG-IP Appliance mode vulnerability (K73522927)
When the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions. CVE-2019-6633 Impact This vulnerability allows the attacker to exploit the system with high-level privileges to read and modify the...
Integrate Your Ticketing System into Database Security to Prevent DBA Privilege Abuse
Many of the recent high-profile data security breaches were made by trusted insiders. They are often database administrators (DBAs) who are highly privileged and trusted insiders with access to sensitive data. In this blog post, I will discuss the inherent risk introduced by highly privileged...