Lucene search
K

7 matches found

Snyk
Snyk
•added 2026/06/07 4:44 p.m.•14 views

Arbitrary Code Injection

Overview dbgate-api is an Allows run DbGate data-manipulation scripts. Affected versions of this package are vulnerable to Arbitrary Code Injection in the loadReader function in runners.js. The functionName parameter can be injected with arbitrary JavaScript, which is executed with the privileges...

8.8CVSS5.6AI score0.0051EPSS
Exploits1References2
Positive Technologies
Positive Technologies
•added 2026/06/05 12:0 a.m.•22 views

PT-2026-47062

🚨 Multiple Critical Vulnerabilities Disclosed in DbGate Several severe vulnerabilities in DbGate can allow attackers to achieve remote code execution: • CVE-2026-47668 - Unauthenticated RCE via JSON Script Runner dbgate-serve • CVE-2026-47669 - Zip Slip arbitrary file write leading to RCE •...

6AI score0.00336EPSS
Exploits2References1
Snyk
Snyk
•added 2026/05/19 9:0 p.m.•15 views

Command Injection

Overview dbgate-api is an Allows run DbGate data-manipulation scripts. Affected versions of this package are vulnerable to Command Injection via the functionName parameter in the /runners/load-reader endpoint. An attacker can execute arbitrary operating system commands as the process user root in...

9.9CVSS5.9AI score0.00289EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
•added 2025/09/05 7:7 a.m.•4 views

Security Bulletin: Common vulnerabilities fixed in Cloudera Data Platform Private Cloud Base 7.1.9 SP1

Summary Common vulnerabilities fixed in Cloudera Data Platform Private Cloud Base 7.1.9 SP1 Vulnerability Details CVEID:CVE-2022-24785 DESCRIPTION: Moment.js could allow a remote attacker to traverse directories on the system, caused by improper validation of user supplied input. An attacker coul...

7.5CVSS6.7AI score0.05664EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
•added 2025/08/27 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2019-17565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and chunked encoding. Upgrade to...

9.8CVSS8.1AI score0.03088EPSS
Exploits0References2
OSV
OSV
•added 2020/03/23 10:15 p.m.•4 views

DEBIAN-CVE-2020-1944

There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.9 and 8.0.6 or later versions...

9.8CVSS8.4AI score0.02667EPSS
Exploits0References1
OSV
OSV
•added 2020/03/23 10:15 p.m.•3 views

DEBIAN-CVE-2019-17559

There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and scheme parsing. Upgrade to versions 7.1.9 and 8.0.6 or later versions...

9.8CVSS8.4AI score0.03088EPSS
Exploits0References1
Rows per page
Query Builder