19 matches found
EUVD-2024-34051
Malicious code in bioql PyPI...
CVE-2025-29902
Remote code execution that allows unauthorized users to execute arbitrary code on the server machine...
CVE-2025-29902
CVE-2025-29902 is described as remote code execution enabling unauthorized users to execute arbitrary code on the server. Connected documents link affected software as Bosch RTS VLink/Telex RDC Server and related components (e.g., Apache HTTP Server in PT-2025-25233), with remediation guidance no...
CVE-2022-35404
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine...
Veeam ONE creates or changes local accounts of the "Veeam_*" format at the Veeam ONE server machine
Challenge Veeam ONE creates or changes local accounts of the "Veeam" format on the Veeam ONE server machine. Cause This behavior is a part of the Veeam ONE design. Veeam ONE creates these temporary Windows accounts for login and authentication operations between Veeam ONE components and VMware...
CVE-2020-16136
In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine accessible by the owner of the server process via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files,...
CVE-2020-16136
In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine accessible by the owner of the server process via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files,...
CVE-2020-16136
In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine accessible by the owner of the server process via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files,...
Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2017-1341)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-15097
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
CVE-2009-5041
overkill has buffer overflow via long player names that can corrupt data on the server machine...
CVE-2009-5041
overkill has buffer overflow via long player names that can corrupt data on the server machine...
Privilege Escalation
PostgreSQL is vulnerable to privilege escalation. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
EulerOS 2.0 SP3 : squid (EulerOS-SA-2019-1044)
According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Cross-Site Scripting vulnerability has been discovered in squid in the way X.509 certificates fields are displayed in some error pages. An...
CVE-2019-6545
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI formerly InTouch Machine Edition prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary process on the server...
Apache Tika Server exposes sensitive information
Apache Tika provides optional functionality to run itself as a web service to allow remote use. When used in this manner, it's possible for a 3rd party to pass a 'fileUrl' header to the Apache Tika Server tika-server before version 1.10. This header lets a remote client request that the server...
CVE-2017-15097
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
CVE-2017-15097
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...
postgresql: Start scripts permit database administrator to modify root-owned files
Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine...