10 matches found
CVE-2026-24013 Apache IoTDB: Authentication Bypass via Forged SessionID in Thrift RPC
Authentication Bypass by Spoofing vulnerability in Apache IoTDB. Certain Thrift RPC query handlers lack strict validation of the sessionId parameter. An attacker can construct requests with a forged sessionId and, without performing openSession authentication, receive valid query results. This...
Fedora: Security Advisory for fb303 (FEDORA-2023-7934802344)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: fb303-2023.10.16.00-1.fc39
fb303 is a base Thrift service and a common set of functionality for querying stats, options, and other information from a service...
Fedora: Security Advisory for fb303 (FEDORA-2023-17efd3f2cd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for fb303 (FEDORA-2023-2a9214af5f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: fb303-2023.10.16.00-1.fc38
fb303 is a base Thrift service and a common set of functionality for querying stats, options, and other information from a service...
VMware vRealize Log Insight Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/thrift' require 'rex/stopwatch' class MetasploitModule 'VMware vRealize Log Insight Unauthenticated RCE', 'Description' = %q VMware vRealize Log...
VMware vRealize Log Insight Unauthenticated Remote Code Execution Exploit
VMware vRealize Log Insights versions 8.x contain multiple vulnerabilities, such as directory traversal, broken access control, deserialization, and information disclosure. When chained together, these vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands on the...
VMware vRealize Log Insight Unauthenticated RCE
VMware vRealize Log Insights versions v8.x contains multiple vulnerabilities, such as directory traversal, broken access control, deserialization, and information disclosure. When chained together, these vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands on the...
Apache HBase Security Restriction Bypass Vulnerability
Apache HBase is the United States Apache Apache Software Foundation, a set of column-oriented distributed database built on Apache Hadoop and Apache ZooKeeper. The database is suitable for unstructured data storage. A security vulnerability exists in Apache Hbase version 1.x and version 2.x. An...