29 matches found

NVD
added 2026/05/27 2:17 p.m. | 9 views

CVE-2026-9617

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

CVSS 8.8 | EPSS 0.00036
Exploits: 1 | References: 1
CNNVD
added 2026/05/27 12:00 a.m. | 4 views

PostgreSQL Anonymizer security vulnerability

PostgreSQL Anonymizer is an open-source extension developed by DALIBO in France, designed to mask or replace personally identifiable information (PII) or commercially sensitive data in PostgreSQL databases. PostgreSQL Anonymizer has a security vulnerability that stems from allowing users to obtain...

CVSS 8.8 | AI score 6 | EPSS 0.00036
Exploits: 1 | References: 1
Tenable Nessus
added 2026/02/12 12:00 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-2361

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing...

CVSS 8 | AI score 5.7 | EPSS 0.00059
Exploits: 0 | References: 2
NVD
added 2026/02/11 6:16 p.m. | 7 views

CVE-2026-2360

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and placing malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...

CVSS 8 | EPSS 0.00079
Exploits: 0 | References: 3
Cvelist
added 2026/02/11 5:48 p.m. | 22 views

CVE-2026-2361 Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user with create privilege to gain superuser privileges

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.gettablesampleratio function is then called, the malicious code is executed with superuser privileges. This...

CVSS 8 | EPSS 0.00059
Exploits: 0 | References: 2
NVD
added 2025/08/18 5:15 p.m. | 4 views

CVE-2025-55282

aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of search_path restriction, an attacke...

CVSS 9.1 | EPSS 0.00138
Exploits: 0 | References: 2
CNNVD
added 2025/08/18 12:00 a.m. | 2 views

aiven-db-migrate path traversal vulnerability

aiven-db-migrate is an Aiven open source application. A path traversal vulnerability exists in aiven-db-migrate versions prior to 1.0.7, which stems from an elevation of privilege vulnerability that could lead to superuser privilege acquisition...

CVSS 9.1 | AI score 7 | EPSS 0.00138
Exploits: 0 | References: 3
NVD
added 2025/05/23 4:15 p.m. | 10 views

CVE-2025-48376

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser (Host) could craft a request to use an external URL for a site export to then be imported. Version 9.13.9 fixes the issue...

CVSS 3.5 | EPSS 0.00101
Exploits: 0 | References: 2
GitHub Security Blog
added 2025/05/23 4:11 p.m. | 9 views

DNN site Import could use an external source with a crafted request

A malicious SuperUser Host could craft a request to use an external url for a site export to then be imported...

CVSS 3.5 | AI score 6.7 | EPSS 0.00101
Exploits: 0 | References: 4 | Affected Software: 1
IBM Security Bulletins
added 2023/03/29 1:48 a.m. | 32 views

Security bulletin: Authentication bypass vulnerability in IBM SAN Volume Controller and Storwize Family (CVE-2012-6354)

Problem Security bulletin: Authentication bypass vulnerability in IBM SAN Volume Controller and Storwize Family CVE-2012-6354 Resolving The Problem Security Bulletin --- Summary --- Administrative access to the system via the GUI may be obtained without supplying proper credentials. Vulnerability...

CVSS 7.5 | AI score 6.4 | EPSS 0.00146
Exploits: 0
SUSE CVE
added 2023/02/15 6:07 a.m. | 1 views

SUSE CVE-2008-3825

pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename a...

CVSS 4.4 | AI score 7 | EPSS 0.00053
Exploits: 0 | References: 4
CNNVD
added 2022/12/08 12:00 a.m. | 2 views

DHIS 2 security vulnerability

DHIS 2 is a software application. A flexible information system for data capture, management, validation, analysis and visualization. A security vulnerability exists in DHIS 2 core versions 2.34, 2.35, 2.36, 2.37, 2.38, and 2.39, which originates from the fact that a DHIS 2 user who has the right...

CVSS 7.2 | AI score 7 | EPSS 0.00358
Exploits: 0 | References: 3
IBM Security Bulletins
added 2022/09/26 10:21 p.m. | 43 views

Security bulletin: Authentication bypass vulnerability in IBM SAN Volume Controller and Storwize Family (CVE-2012-6354)

Abstract Administrative access to the system via the GUI may be obtained without supplying proper credentials. Content VULNERABILITY DETAILS CVEID: CVE-2012-6354 DESCRIPTION: The vulnerability can be exploited by a user with access to the system's management IP interface. If successful the user c...

CVSS 7.5 | AI score 6.3 | EPSS 0.00146
Exploits: 0 | Affected Software: 3
IBM Security Bulletins
added 2022/09/26 10:21 p.m. | 54 views

Security Bulletin: Unauthorized access exposure on IBM SAN Volume Controller and Storwize Family (CVE-2013-2251 CVE-2013-2248 CVE-2013-2135 CVE-2013-2134 CVE-2013-2115 CVE-2013-1966 CVE-2013-1965)

Abstract Administrative access to the system via the IP interface may be obtained without authentication. Content VULNERABILITY DETAILS: CVEID: CVE-2013-2251 CVE-2013-2248 CVE-2013-2135 CVE-2013-2134 CVE-2013-2115 CVE-2013-1966 CVE-2013-1965 DESCRIPTION: The vulnerabilities can be exploited by a...

CVSS 9.8 | AI score 9.2 | EPSS 0.94325
Exploits: 33 | Affected Software: 5
Fedora
added 2019/10/19 3:46 a.m. | 39 views

[SECURITY] Fedora 31 Update: sudo-1.8.28-1.fc31

Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVSS 9 | AI score 2.2 | EPSS 0.85814
Exploits: 10
Fortinet
added 2017/04/12 12:00 a.m. | 23 views

FortiWLC-SD Privilege escalation vulnerability using copy running-config

The lack of input sanitisation for CLI command 'copy running-config' allows a user with 'admin' or 'superuser' privilege level to gain shell on the FortiWLC-SD with root privilege...

CVSS 9 | AI score 4.5 | EPSS 0.00446
Exploits: 0 | Affected Software: 1
seebug.org
added 2014/07/01 12:00 a.m. | 36 views

Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities

No description provided by source. BLUE MOON SECURITY ADVISORY 2008-09 =================================== :Title: Two buffer overflows in Maxum Rumpus :Severity: Critical :Reporter: Blue Moon Consulting :Products: Maxum Rumpus v6.0 :Fixed in: 6.0.1 Description ----------- Rumpus turns any Mac in...

AI score 7.1
Exploits: 0
securityvulns
added 2008/12/02 12:00 a.m. | 43 views

[BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0

BLUE MOON SECURITY ADVISORY 2008-09 =================================== :Title: Two buffer overflows in Maxum Rumpus :Severity: Critical :Reporter: Blue Moon Consulting :Products: Maxum Rumpus v6.0 :Fixed in: 6.0.1 Description ----------- Rumpus turns any Mac into a file transfer server. Rumpus...

AI score 0.8
Exploits: 0
exploitpack
added 2008/12/01 12:00 a.m. | 21 views

Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities

Maxum Rumpus 6.0 - Multiple Remote Buffer Overflow Vulnerabilities BLUE MOON SECURITY ADVISORY 2008-09 =================================== :Title: Two buffer overflows in Maxum Rumpus :Severity: Critical :Reporter: Blue Moon Consulting :Products: Maxum Rumpus v6.0 :Fixed in: 6.0.1 Description...

AI score 0.3
Exploits: 0
FreeBSD
added 2008/04/20 12:00 a.m. | 30 views

moinmoin -- superuser privilege escalation

MoinMoin team reports: A check in the userform processing was not working as expected and could be abused for ACL and superuser privilege escalation...

CVSS 6.8 | AI score 6.5 | EPSS 0.01
Exploits: 1 | References: 1