16 matches found
PT-2026-41796
Name of the Vulnerable Software and Affected Versions: Budibase versions prior to 3.38.1. Description: The row action trigger endpoint "POST /api/tables/:sourceId/actions/:actionId/trigger" fails to validate whether the user-supplied rowId is within the scope of the view's row filters. This allows a user...
EUVD-2021-21528
Malware in sbrugna...
Amazon Linux 2023 : postgresql16, postgresql16-contrib, postgresql16-llvmjit (ALAS2023-2025-1177)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1177 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy...
OESA-2025-2104 postgresql-13 security update
PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...
CVE-2024-47104
IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A user with authority to a view can alter the based-on physical file security attributes without having object management rights to the physical file. A malicious actor can use the elevated...
SUSE-SU-2024:0551-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: Upgrade to 15.6: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY (bsc#1219679)...
UBUNTU-CVE-2021-37746
textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click...
Secure Mail Archive with Space Permissions
Mail Archives in a Space are currently not subject to any Read / View security context Permissions. They are visible to all space users. REQUEST: Apply Restrict Space Permissions to Mail Archive Same behavior as for Pages, restricting ability to search or view mail archive based on permissions. S...
VMware View Server Directory Traversal Vulnerability (VMSA-2012-0017)
The version of VMware View Server installed on the remote host is potentially affected by a directory traversal vulnerability in the Connection Server and View Security Server. This may allow a remote attacker to read arbitrary files from the system. (C) Tenable Network Security, Inc...
VMware View critical directory traversal vulnerability
DDI Vulnerability Research Team (VRT) reported a critical vulnerability in VMware View Server: a directory traversal vulnerability that allows an unauthenticated remote attacker to retrieve arbitrary files from affected View Servers. Exploitation of this issue may expose sensitive...
CVE-2012-5978
Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors...
Solaris Update for edit, ex, vedit, vi and view 110904-08
Check for the Version of edit, ex, vedit, vi and view. OpenVAS Vulnerability Test: Solaris Update for edit, ex, vedit, vi and view 110904-08. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Mole Group Vacation Estate Listing Script - Blind SQL Injection
Vacation Estate Listing Blind SQL. Author: x0r. Email: [email protected] Site: http://w00tz0ne.altervista.org/index.php Cms Demo: http://vacation.mole-group.com/ Bug in \propertiesview.php Exploit: propertiesview.php?editid1=2 and...
SOL8178 - MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
Information about these advisories is available at the following locations: An authenticated user who can issue SQL commands could crash the database server. A malicious user with filesystem access could cause data loss on the filesystem. VIEW definition updates do not occur correctly, allowing a...