Astra Linux - vulnerability in postgresql-11
A vulnerability was discovered in PostgreSQL 12.2, allowing attackers to cause a denial of service by repeatedly sending SIGHUP signals. NOTE: This claim is disputed by the vendor, as untrusted users are unable to send SIGHUP signals; such signals can only be sent by a PostgreSQL superuser, a use...
PT-2026-31344
Name of the Vulnerable Software and Affected Versions: Kibana (affected versions not specified) Description: Kibana One Workflow contains a Server-Side Request Forgery (CWE-918) issue that can lead to information disclosure. An authenticated user with workflow creation and execution privileges...
EUVD-2006-7195
Malware in sbrugna...
EUVD-2009-4524
Malware in sbrugna...
EUVD-2009-1079
Malware in sbrugna...
PT-2025-1448 · Google · Android
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows access to media content belonging to another user due to a missing permission check. This could lead to local information disclosure with no additional execution privilege...
Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability
Summary: An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev commit b5f1eacd and the forked version of Gerbv commit d7f42a9a. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a...
August 10, 2021—KB5005033 (OS Builds 19041.1165, 19042.1165, and 19043.1165)
August 10, 2021—KB5005033 OS Builds 19041.1165, 19042.1165, and 19043.1165. EXPIRATION NOTICE. IMPORTANT: As of 9/12/2023, this KB is only available from Windows Update. It is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices t...
CVE-2017-11467
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request...
CVE-2017-11467
OrientDB 2.2.x is affected by CVE-2017-11467: the product fails to enforce privilege requirements during where, fetchplan, and order by operations, enabling remote attackers to run arbitrary OS commands via a crafted request. Impact is consistent with a high-severity command-injection-style vulne...
Code injection
MosP kintai kanri before 4.1.0 does not enforce privilege requirements, which allows remote authenticated users to read other users' information via unspecified vectors...
CVE-2012-4020
MosP kintai kanri before 4.1.0 does not enforce privilege requirements, which allows remote authenticated users to read other users' information via unspecified vectors...
Information disclosure
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third...
CVE-2011-1847
CVE-2011-1847 affects IBM DB2 9.5 prior to FP7 and 9.7 prior to FP4 on Linux/Unix/Windows. The issue stems from the Relational Data Services component failing to enforce privilege requirements for table access, allowing remote authenticated users to update SYSSTAT.TABLES statistics columns via UP...
CVE-2009-4558
The Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-07-15, a module for Drupal, does not properly enforce privilege requirements for unspecified pages, which allows remote attackers to read the 1...
CVE-2009-4558
Affected software: Drupal Image Assist module (modules) versions 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-07-15. Vulnerability: The module does not properly enforce privilege requirements for unspecified page...
CVE-2009-4515
The Storm module 6.x before 6.x-1.25 for Drupal does not enforce privilege requirements for storminvoiceitem nodes, which allows remote attackers to read node titles via unspecified vectors...
CVE-2009-4526
The CVE-2009-4526 entry affects the Drupal module Print (aka Printer, e-mail and PDF versions), specifically the Send by e-mail sub-module. Affected versions are 5.x before 5.x-4.9 and 6.x before 6.x-1.9. The vulnerability arises from not properly enforcing privilege requirements, allowing remote...
CVE-2009-4515
The Storm module for Drupal (6.x before 6.x-1.25) does not enforce privilege requirements for storminvoiceitem nodes, allowing remote attackers to read node titles via unspecified vectors. This affects confidentiality (partial). No exploit details are provided in the documents. Remediation: upgra...