8 matches found
Fedora 40 : pgadmin4 / python-jsonformatter (2024-15df3b6d95)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-15df3b6d95 advisory. Update to pgadmin4-8.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user
pgAdmin prior to version 8.4 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is...
GHSA-RJ98-CRF4-G69W pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user
pgAdmin prior to version 8.4 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is...
CVE-2024-2044
pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on...
CVE-2024-2044 Unsafe Deserialisation and Remote Code Execution by an Authenticated user in pgAdmin 4
pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on...
CVE-2024-2044 Unsafe Deserialisation and Remote Code Execution by an Authenticated user in pgAdmin 4
pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on...
NTP Privilege Escalation
Source: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ Introduction Problem description: The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics enabled. The script is run as ro...
NTP - Local Privilege Escalation
Source: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ Introduction Problem description: The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics enabled. The script is run as ro...