16 matches found
EUVD-2019-5686
Malware in sbrugna...
EUVD-2020-21432
Malware in sbrugna...
OPENSUSE-SU-2022:0054-1 Security update for sphinx
This update for sphinx fixes the following issues: - CVE-2020-29050: SphinxSearch in Sphinx Technologies Sphinx allows directory traversal in conjunction with CVE-2019-14511 because the mysql client can be used for CALL SNIPPETS and loadfile operations on a full pathname e.g., a file in the /etc...
CVE-2020-29050
SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal in conjunction with CVE-2019-14511 because the mysql client can be used for CALL SNIPPETS and loadfile operations on a full pathname e.g., a file in the /etc directory. NOTE: this is unrelated to CMUSphinx...
Directory traversal
SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal in conjunction with CVE-2019-14511 because the mysql client can be used for CALL SNIPPETS and loadfile operations on a full pathname e.g., a file in the /etc directory. NOTE: this is unrelated to CMUSphinx...
CVE-2020-29050
SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal in conjunction with CVE-2019-14511 because the mysql client can be used for CALL SNIPPETS and loadfile operations on a full pathname e.g., a file in the /etc directory. NOTE: this is unrelated to CMUSphinx...
CVE-2020-29050
CVE-2020-29050 affects SphinxSearch in Sphinx Technologies Sphinx up to version 3.1.1, enabling directory traversal via the mysql client for CALL SNIPPETS and load_file with full pathnames (unrelated to CMUSphinx). The issue, often discussed with CVE-2019-14511, has been addressed in multiple Lin...
MGASA-2020-0087 Updated sphinx packages fix security vulnerability
Updated sphinx packages fix security vulnerability: A vulnerability was found in Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet, unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only CVE-2019-14511...
Updated sphinx packages fix security vulnerability
Updated sphinx packages fix security vulnerability: A vulnerability was found in Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet, unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only CVE-2019-14511...
CVE-2019-14511
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only...
CVE-2019-14511
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only...
Authentication flaw
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only...
CVE-2019-14511
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only...
CVE-2019-14511
CVE-2019-14511 affects Sphinx Technologies Sphinx up to version 3.1.1. By default, the service has no authentication and listens on 0.0.0.0, exposing it to the Internet unless firewall rules or a reconfiguration restrict it to 127.0.0.1. This creates reliance on network controls for exposure. Rel...
CVE-2019-14511
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only...
CVE-2019-14511
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only...