1142 matches found
@starboard/models (>=2.0.0 <=3.0.1), @starboard/shared-backend (=3.0.0) +25 more potentially affected by CVE-2017-16082 via pg (>=6.0.0 <=6.0.4)
pg NPM version =6.0.0, =2.0.0, =0.6.0, =0.0.1, =1.0.0, =0.2.0, =0.1.0, =2.0.2, =1.3.1, =0.0.1, =0.0.4, =0.1.0, =0.3.3 and more Source cves: CVE-2017-16082 Source advisory: OSV:GHSA-WC9V-MJ63-M9G5...
Msploitego - Pentesting Suite For Maltego Based On Data In A Metasploit Database
msploitego leverages the data gathered in a Metasploit database by enumerating and creating specific entities for services. Services like samba, smtp, snmp, http have transforms to enumerate even further. Entities can either be loaded from a Metasploit XML file or taken directly from the Postgres...
CVE-2016-10554
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escapin...
CVE-2016-10554
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escapin...
CVE-2016-10553
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...
CVE-2016-10553
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...
Sql injection
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...
Code injection
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escapin...
CVE-2016-10550
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS If user input goes into the limit or order parameters, a malicious user can put in their own SQL statements. This affects sequeliz...
CVE-2016-10553
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...
CVE-2016-10553
CVE-2016-10553 affects the Node.js ORM sequelize . The vulnerability is a SQL Injection when user input is concatenated into queries, specifically in patterns like findOne or where: "user input". Affected versions are the pre-3.0 releases; the recommended fix is to upgrade to version 3.0.0 or lat...
Sql injection
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped. This...
CVE-2016-10556
sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped. This...
CVE-2016-10556
CVE-2016-10556 affects the Sequelize ORM for Node.js (v3.19.3 and earlier). The issue: when an array is used as a string in a query, Sequelize incorrectly escapes it, causing a SQL injection in Postgres, SQLite, and MSSQL. The PoC shows a crafted replacements value leading to a query like: SELECT...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
PT-2018-5763 · Red Hat +1 · Postgresql +2
Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root acces...