26 matches found
CVE-2026-10211
| creationtimestamp | type | source |
|---|---|---|
| 2026-06-01 03:18:35+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mn74n7aq532j... |
CVE-2026-10211
A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Affected by this issue is the function normalizerwpath of the file astrbot/core/tools/computertools/fs.py. This manipulation causes incorrect authorization. It is possible to initiate the attack remotely. The exploit has been publicly...
USN-8080-1: YARA vulnerabilities
Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...
CVE-2025-10211
| creationtimestamp | type | source |
|---|---|---|
| 2025-11-29 09:41:41+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-10211.yaml |
| 2025-12-01 21:02:40+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3m6xda5ntpo2f |

2026-02-02...
CVE-2025-10211
ChanCMS 3.3.0 contains a server-side request forgery in the CollectController, triggered by manipulating the taskUrl parameter in /cms/collect/getArticle. The issue allows remote attackers to make arbitrary requests from the server. Public disclosures and a Nuclei template detail this SSRF, descr...
CVE-2019-10211
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-29 15:41:09+00:00 | seen | https://t.me/ctinow/175335... |
SUSE CVE-2016-10211
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function...
CVE-2020-10211
Mitel MiVoice Connect (UCB component) is affected by CVE-2020-10211, prior to version 19.1 SP1. The issue stems from insufficient validation of URL parameters, enabling an unauthenticated remote attacker to execute arbitrary scripts. Reported impact includes access to sensitive information and po...
Security Bulletin: PostgreSQL vulnerabilities in IBM Robotic Process Automation with Automation Anywhere (CVE-2019-10209, 10211, 10210, 10208)
Summary: IBM Robotic Process Automation with Automation Anywhere is vulnerable to attacks involving PostgreSQL. Vulnerability Details: CVEID: CVE-2019-10209. DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when user-defined hash...
CVE-2019-10211
The PostgreSQL Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from an unprotected directory...
Fedora 29 : postgresql (2019-5fbbf73269)
New upstream release 10.10. Per release notes: https://www.postgresql.org/docs/11/release-10-10.html. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much a...
Fedora 30 : libpq / postgresql (2019-986fce48b4)
New upstream release 11.5. Per release notes: https://www.postgresql.org/docs/11/release-11-5.html. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for postgresql FEDORA-2019-986fce48b4
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
PostgreSQL 9.4.x < 9.4.24 / 9.5.x < 9.5.19 / 9.6.x < 9.6.15 / 10.x < 10.10 / 11.x < 11.5 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 9.4.x prior to 9.4.24, 9.5.x prior to 9.5.19, 9.6.x prior to 9.6.15, 10.x prior to 10.10, or 11.x prior to 11.5. It is, therefore, affected by multiple vulnerabilities: - An unspecified vulnerability that allows an attacker to execute...
KLA11539 Multiple vulnerabilities in PostgreSQL
Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, and bypass security restrictions. Below is a complete list of vulnerabilities: 1. A vulnerability in PostgreSQL can be exploited to execute...
CVE-2018-10211
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie...
CVE-2018-10211
Vaultize Enterprise File Sharing 17.05.31 is affected by an improper authorization flaw that allows listing the history of another user by tampering with the vaultize_session_id cookie. Root cause: insufficient access controls around user-history data, enabling unauthorized access without an exploited...
CVE-2018-10211
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie...
CVE-2017-10211
Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hospitality Suite8. Successf...
CVE-2017-10211
Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: WebConnect). The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hospitality Suite8. Successf...