
8 matches found

RedHat Linux
added 2026/05/19 1:33 p.m. | 4 views

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

CVSS 8.8 | AI score 6.4 | EPSS 0.00039
Exploits 0 | References 5
CNNVD
added 2026/02/12 12:0 a.m. | 2 views

PostgreSQL Security Vulnerability

PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Vulnerabilities existed in versions prior to PostgreSQL 18.2, 17....

CVSS 8.8 | AI score 6.2 | EPSS 0.00039
Exploits 0 | References 3
Github Security Blog
added 2025/07/28 4:8 p.m. | 7 views

CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability

Impact: This vulnerability affects applications that use the ImageMagick handler for image processing (imagick as the image library) AND either allow file uploads with user-controlled filenames and process uploaded images using the resize method, OR use the text method with user-controlled text...

CVSS 9.8 | AI score 6.7 | EPSS 0.03881
Exploits 0 | References 6 | Affected Software 1
Cvelist
added 2025/07/28 2:47 p.m. | 5 views

CVE-2025-54418 CodeIgniter4's ImageMagick Handler has Command Injection Vulnerability

CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (imagick as the image library) and either allow file uploads with user-controlled filenames and process...

CVSS 9.8 | EPSS 0.03881
Exploits 0 | References 4
Cvelist
added 2025/05/07 6:42 p.m. | 12 views

CVE-2025-3272 Incorrect user authorization vulnerability has been identified in Open Text Operations Bridge Manager.

Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4...

CVSS 6.7 | EPSS 0.001
Exploits 0 | References 1
OSV
added 2024/10/28 7:15 p.m. | 0 views

CVE-2024-5532

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system...

CVSS 4.8 | AI score 5.8
Exploits 0 | References 1
Citrix
added 2023/11/20 12:0 a.m. | 5 views

How to restrict the copy/paste operations on pictures between CWA client and VDA

This article describes how to restrict the copy/paste operations on pictures between CWA client and VDA, only keeping the text copy/paste enabled...

AI score 7
Exploits 0
Exploit DB
added 2009/01/30 12:0 a.m. | 34 views

PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service

source: https://www.securityfocus.com/bid/33542/info PHP is prone to a denial-of-service vulnerability because it fails to limit global scope for certain settings relating to Unicode text operations. Attackers can exploit this issue to crash the affected webserver, denying service to legitimate...

AI score 7.4
Exploits 0