CVE-2020-1790
- EPSS 0.58%
- Veröffentlicht 18.02.2020 03:15:10
- Zuletzt bearbeitet 21.11.2024 05:11:23
GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the at...
CVE-2020-1811
- EPSS 0.27%
- Veröffentlicht 18.02.2020 00:15:11
- Zuletzt bearbeitet 21.11.2024 05:11:25
GaussDB 200 with version of 6.5.1 have a command injection vulnerability. Due to insufficient input validation, remote attackers with low permissions could exploit this vulnerability by sending crafted commands to the affected device. Successful expl...
CVE-2020-1853
- EPSS 0.23%
- Veröffentlicht 17.02.2020 21:15:13
- Zuletzt bearbeitet 21.11.2024 05:11:29
GaussDB 200 with version of 6.5.1 have a path traversal vulnerability. Due to insufficient input path validation, an authenticated attacker can traverse directories and download files to a specific directory. Successful exploit may cause information ...