12 matches found
GO-2026-4329 Pterodactyl endlessly reprocesses/reuploads activity log data due to SQLite max parameters limit not being considered in github.com/pterodactyl/wings
Pterodactyl endlessly reprocesses/reuploads activity log data due to SQLite max parameters limit not being considered in github.com/pterodactyl/wings...
CVE-2026-21696
Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Starting in version 1.7.0 and prior to version 1.12.0, Wings does not consider SQLite max parameter limit when processing activity log entries allowing for low privileged user to trigger a conditi...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop due to improper handling of the SQLite maximum parameter limit in the activitycron component. An attacker can cause the system to repeatedly re-upload and reprocess the same activity log data by triggering a condition wher...
CVE-2026-21696 Endless reprocessing/reupload of activity log data due to SQLite max parameters limit not being considered
Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Starting in version 1.7.0 and prior to version 1.12.0, Wings does not consider SQLite max parameter limit when processing activity log entries allowing for low privileged user to trigger a conditi...
CVE-2026-21696 Endless reprocessing/reupload of activity log data due to SQLite max parameters limit not being considered
Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Starting in version 1.7.0 and prior to version 1.12.0, Wings does not consider SQLite max parameter limit when processing activity log entries allowing for low privileged user to trigger a conditi...
CVE-2024-4138
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can enable/disable the sharing rule of other users affecting the integrity of the application...
CVE-2024-4138 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can enable/disable the sharing rule of other users affecting the integrity of the application...
CVE-2024-4138 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can enable/disable the sharing rule of other users affecting the integrity of the application...
CVE-2024-4139
Brings CVE-2024-4139: SAP S/4HANA Manage Bank Statement ReProcessing Rules suffers from missing authorization checks for authenticated users, enabling privilege escalation. Affected component is the rule management module; attacker can delete other users’ rules, compromising integrity. Confidenti...
CVE-2024-4139 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can delete rules of other users affecting the integrity of the application. Confidentiality and...
Important: Red Hat Enhancement Advisory: ACS 4.3 enhancement update
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. Release of ACS 4.3 provides these changes: New features: Increased support for hardware and software Vulnerability reporting 2.0 is generally available Watch and scan...
Vega 输入验证错误漏洞
Vega is a Javscript-based software from the Vega team that can be used to create interactive visual displays. The software can describe data visualizations using JSON format and generate interactive views using HTML5 Canvas or SVG. Vega version 0.71.5 suffers from an input validation error...