6 matches found
AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in multer-1.4.5-lts.2.tgz
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in multer-1.4.5-lts.2.tgz Vulnerability Details CVEID:CVE-2025-47935 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. Versions prior to 2.0.0 are vulnerable to a resource...
Arbitrary Argument Injection
Overview @conventional-changelog/git-client is a Simple git client for conventional changelog packages. Affected versions of this package are vulnerable to Arbitrary Argument Injection via the getTags API which allows specifying extra parameters passed to the git log command. An attacker can...
Linux Distros Unpatched Vulnerability : CVE-2017-20162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The...
Improper Neutralization
Overview Affected versions of this package are vulnerable to Improper Neutralization via the handling of SMTP message input. An attacker can inject arbitrary SMTP commands by supplying specially crafted input containing carriage return and line feed characters. Remediation Upgrade...
PT-2024-20587 · Icinga +1 · Icinga Director +3
Name of the Vulnerable Software and Affected Versions: Icinga Director versions 1.x Icinga Director versions 1.8 through 1.11 Description: Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the...