Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.4 views

SUSE CVE-2022-26520

In pgjdbc before 42.3.3, an attacker who controls the jdbc URL or properties can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat...

6.3CVSS8.2AI score0.02999EPSS
Exploits0References7
OSV
OSV
added 2022/03/11 12:2 a.m.2 views

GHSA-727H-HRW8-JG8Q Path traversal in org.postgresql:postgresql

In pgjdbc before 42.3.3, an attacker who controls the jdbc URL or properties can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat...

9.8CVSS7.2AI score0.02999EPSS
Exploits0References7
OSV
OSV
added 2022/03/10 5:47 p.m.4 views

UBUNTU-CVE-2022-26520

DISPUTED In pgjdbc before 42.3.3, an attacker who controls the jdbc URL or properties can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under...

9.8CVSS7.3AI score0.02999EPSS
Exploits0References4
OSV
OSV
added 2022/02/16 12:8 a.m.2 views

GHSA-673J-QM5F-XPV8 pgjdbc Arbitrary File Write Vulnerability

Overview The connection properties for configuring a pgjdbc connection are not meant to be exposed to an unauthenticated attacker. While allowing an attacker to specify arbitrary connection properties could lead to a compromise of a system, that's a defect of an application that allows...

7.3AI score
Exploits0References3
OSV
OSV
added 2020/11/06 7:15 p.m.24 views

CVE-2020-28328

SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, loggerfilename can refer to an attacker-controlled .php file under the web root...

8.8CVSS7.5AI score
Exploits0References5
CNVD
CNVD
added 2018/03/08 12:0 a.m.2 views

Giribaz File Manager Information Disclosure Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL servers to set up a personal blog site.Giribaz File Manager plugin is used in one of the file management plugin. A security vulnerability exists in the...

7.5CVSS6.3AI score0.02872EPSS
Exploits1References1
OSV
OSV
added 2014/04/28 2:9 p.m.4 views

DEBIAN-CVE-2014-2980

Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of service abort via an invalid request...

4.3CVSS6.8AI score0.0171EPSS
Exploits1References1
OSV
OSV
added 2014/04/28 2:9 p.m.4 views

UBUNTU-CVE-2014-2980

Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of service abort via an invalid request...

4.3CVSS5.8AI score0.0171EPSS
Exploits1References3
Rows per page
Query Builder