122 matches found
The vulnerability of the IBM Security Guardium information protection mechanism lies in its failure to protect the structure of SQL queries. This allows attackers to view, add, modify, or delete information in the internal database.
The vulnerability of the IBM Security Guardium security tool is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to remotely access, view, add, modify, or delete information in the internal database...
The vulnerability of SAP PowerDesigner, a tool for modeling enterprise architecture, related to inadequate access control, allows attackers to execute arbitrary queries against the internal database.
The vulnerability of SAP PowerDesigner, a tool for modeling enterprise architecture, is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary queries against the internal database through a proxy server...
CVE-2023-41387
A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...
Sql injection
A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...
Flutter Downloader SQL Injection Vulnerability
Flutter Downloader is a plugin for creating and managing download tasks. A security vulnerability exists in Flutter Downloader version 1.11.1 iOS, which stems from the fact that if the application uses the UIFileSharingEnabled and LSSupportsOpeningDocumentsInPlace attributes, the framework's...
CVE-2023-41387
A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...
CVE-2023-41387
A SQL injection in the flutterdownloader component through 1.11.1 for iOS allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of the framework is exposed to the local user if an app uses UIFileSharingEnabled and...
PT-2023-27938 · Unknown · Flutter Downloader
Name of the Vulnerable Software and Affected Versions: flutter downloader versions 1.11.1 and earlier Description: A SQL injection in the flutter downloader component allows remote attackers to steal session tokens and overwrite arbitrary files inside the app's container. The internal database of...
CVE-2023-3264
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or...
CVE-2023-3262
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database.A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or...
Hitachi Energy GMS600, PWC600, and Relion Improper Access Control (CVE-2021-35534)
Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal databas...
PYSEC-2022-43070
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue...
PT-2022-37335 · Apache · Apache Iotdb Grafana-Connector
Name of the Vulnerable Software and Affected Versions: Apache IoTDB grafana-connector version 0.13.0 Description: The issue concerns an interface without proper authorization, potentially exposing the internal database structure. Recommendations: For Apache IoTDB grafana-connector version 0.13.0,...
CVE-2022-20732
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...
Improper access control
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...
CVE-2022-20732
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...
SiPass integrated access control vulnerability (CNVD-2021-100378)
SiPass integrated is an access control system. With the SiPass integrated access control vulnerability, the affected application does not adequately restrict access to the internal active synopsis database. A remote attacker could exploit the vulnerability to read, modify, or delete, among other...
Siemens SiPass Integrated和Siveillance Identity 安全漏洞
SiPass integrated is an access control system. With the SiPass integrated access control vulnerability, the affected application does not adequately restrict access to the internal active synopsis database. A remote attacker could exploit the vulnerability to read, modify, or delete, among other...
CVE-2021-35534
Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal databas...
Security feature bypass
Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal databas...