2121 matches found
Hardcoded credentials
Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT statement in api/schema.sql...
CVE-2018-10723
Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT statement in api/schema.sql...
CVE-2018-10723
Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT statement in api/schema.sql...
CVE-2018-10723
Directus 6.4.9 contains a hardcoded admin password for the Admin account caused by an INSERT in api/schema.sql. Multiple sources (CNVD-2018-09196, NVD CVE-2018-10723, OSV, PRION) describe this as an elevation of privilege/vector involving a hardcoded credential, enabling potential administrator a...
CVE-2018-10723
Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT statement in api/schema.sql...
openSUSE Security Update : phpMyAdmin (openSUSE-2018-387)
This update for phpMyAdmin to version 4.8.0.1 fixes the following issues : - CVE-2018-10188: Possible execution of arbitrary SQL statements via manipulated URLs boo1090309 This version also contains a number of upstream changes, improvements, new functions and bug fixes. %NASLMINLEVEL 70300 C...
phpMyAdmin 4.8.0 4.8.0-1 - Cross-Site Request Forgery
phpMyAdmin 4.8.0 4.8.0-1 - Cross-Site Request Forgery Exploit Title: phpMyAdmin 4.8.0 Drop database 3. Solution: Upgrade to phpMyAdmin 4.8.0-1 or newer. 4. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188...
CVE-2016-10438
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD...
Information disclosure
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD...
PT-2018-3928 · Apache +1 · Apache Hive Jdbc Driver +1
Name of the Vulnerable Software and Affected Versions: Apache Hive JDBC driver versions 0.7.1 through 2.3.2 Oracle Business Intelligence Enterprise Edition Analytics Server affected versions not specified Description: The issue allows an attacker to bypass argument escaping in the JDBC driver's...
Sql injection
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
DEBIAN-CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
UBUNTU-CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
mobilejoomla, 2.1.24, malcious redirects
mobilejoomla,2.1.24, malicious redirects. google adsense file added that may redirect all sites adsense revenue to the developer. File is not deleted on removing extension. Developer statement Extension Update Details Previously the free version of the Mobile extension added a file called ads.txt...
CVE-2018-8740
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...
CVE-2017-13232
In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Version...
Design/Logic Flaw
In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Version...
Threat Outbreak Alert RuleID31959: Email Messages Distributing Malicious Software on February 9, 2018
Medium Alert ID: 56780 First Published: 2018 February 9 20:07 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID31959 may contain the following files: Name |...