Magic : Security Vulnerabilities, CVEs,
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, because of access to an uninitialized pointer in the array data decoder.
Max CVSS
9.8
EPSS Score
0.32%
Published
2020-08-12
Updated
2023-01-27
Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-12-17
Updated
2017-07-11
2 vulnerabilities found