PT-2025-23192 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 11.5.0 through 11.5.9 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 12.1.0 through 12.1.1 Description: The issue allows an authenticated user ...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

CVE-2024-33008

SAP Replication Server allows an attacker to use gateway for executing some commands to RSSD. This could result in crashing the Replication Server due to memory corruption with high impact on Availability of the system...

CVE-2023-26918

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:F access...

CVE-2022-26501

Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control issue 1 of 2...

CVE-2021-21976

vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution...

CVE-2021-39231

In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configuration...

CVE-2020-36695

Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux Device Manager Server component, Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID,...

CVE-2020-25201

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

CVE-2020-15518

VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2025-2506

CVE-2025-2506 affects pglogical 3.x (proprietary to EDB) with integration into BDR/PGD 4/5. The issue arises when pglogical attempts replication without verifying it is on a replication connection, enabling a user with CONNECT on a replication-configured database to run pglogical commands and rea...

CVE-2025-2506

When pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access to a database configured for replication can execute the pglogical command to obtain read access to replicated tables. When pglogical runs it should verify it...

CVE-2019-19802

In Gallagher Command Centre Server v8.10 prior to v8.10.1134MR4, v8.00 prior to v8.00.1161MR5, v7.90 prior to v7.90.991MR5, v7.80 prior to v7.80.960MR2 and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without...

CVE-2017-9298

Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code...

CVE-2013-3272

EMC Replication Manager RM before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an unspecified decoding attack...

PT-2025-22494 · Pglogical +1 · Pglogical +1

Name of the Vulnerable Software and Affected Versions: pglogical versions 3.x BDR/PGD versions 4 and 5 Description: The issue arises when pglogical attempts to replicate data without verifying if it is using a replication connection. This allows a user with CONNECT access to a database configured...