11 matches found
CVE-2025-8904
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...
CVE-2025-8904
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...
CVE-2025-8904
The CVE-2025-8904 issue involves Amazon EMR Secret Agent storing Kerberos credentials in a keytab file under /tmp, which could be accessed by other users and lead to privilege escalation. Affected software: Amazon EMR Secret Agent component. Root cause: keytab with Kerberos credentials is written...
CVE-2025-8904 Privilege escalation issue in Amazon EMR Secret Agent component
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...
Amazon EMR 安全漏洞
Amazon EMR is a hosted clustering platform from Amazon.com, USA. A security vulnerability exists in Amazon EMR that stems from a keytab file stored in the /tmp/ directory that could lead to elevation of privilege...
CVE-2022-29053
A missing cryptographic steps vulnerability CWE-325 in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it...
Amazon Linux AMI : postgresql8 (ALAS-2015-556)
A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. CVE-2015-3165 It was discovered that PostgreSQL did not proper...
Medium: postgresql8
Issue Overview: A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. CVE-2015-3165 It was discovered that PostgreSQ...
CentOS Update for postgresql CESA-2015:1194 centos6
Check the version of postgresql SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882214";...
postgresql: unanticipated errors from the standard library
It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system was in a state that would cause the standard library functions to fail for example, memory exhaustion, an authenticated user could possibly exploit this flaw to disclose...
postgresql: unanticipated errors from the standard library
It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system was in a state that would cause the standard library functions to fail for example, memory exhaustion, an authenticated user could possibly exploit this flaw to disclose...