CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

222 matches found

Tenable Nessus•added 2026/04/17 12:0 a.m.•0 views

Unity Linux 20.1070a Security Update: libpq (UTSA-2026-007266)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007266 advisory. Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocati...

5.9CVSS6.5AI score0.00048EPSS

Exploits0References4

OSV•added 2026/03/05 12:0 a.m.•1 views

OPENSUSE-SU-2026:10291-1 libsoup-2_4-1-2.74.3-18.1 on GA media

These are all security issues fixed in the libsoup-24-1-2.74.3-18.1 package on the GA media of openSUSE Tumbleweed...

5.8CVSS5.8AI score0.00074EPSS

Exploits1References3

SUSE CVE•added 2026/02/13 12:26 a.m.•2 views

SUSE CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.8AI score0.00021EPSS

Exploits0References7

ATTACKERKB•added 2026/02/12 1:0 p.m.•3 views

CVE-2026-2007

8.2CVSS5.8AI score0.00021EPSS

Exploits0References2

Cvelist•added 2026/02/12 1:0 p.m.•19 views

CVE-2026-2007 PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory

8.2CVSS0.00021EPSS

Exploits0References1

Vulnrichment•added 2026/01/16 5:6 p.m.•1 views

CVE-2024-54556

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen...

5.8AI score0.00008EPSS

Exploits0References1

ATTACKERKB•added 2026/01/16 5:6 p.m.•2 views

CVE-2024-44238

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to corrupt coprocessor memory...

7.8CVSS5.4AI score0.00008EPSS

Exploits0References2

OPENSUSE Linux•added 2025/12/02 12:0 a.m.•2 views

libecpg6-18.1-1.1 on GA media (moderate)

libecpg6-18.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15789-1 Rating: moderate Cross-References: CVE-2025-12817 CVE-2025-12818 CVSS scores: CVE-2025-12817 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVE-2025-12817 SUSE : 5.3...

8.8CVSS7.2AI score0.00061EPSS

Exploits0

OSV•added 2025/11/15 8:15 a.m.•1 views

UBUNTU-CVE-2025-11865

An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have allowed an attacker to remove Duo flows of another user...

5.3CVSS5.8AI score0.00017EPSS

Exploits0References2

CVE•added 2025/11/15 8:3 a.m.•34 views

CVE-2025-11865

GitLab EE contains an Incorrect Authorization issue (CVE-2025-11865) that could allow an attacker to remove Duo MFA flows belonging to another user. Affected versions are GitLab EE 18.1–18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2. The root cause is described as improper authorization check...

5.3CVSS6.5AI score0.00017EPSS

Exploits0References2Affected Software1

CNNVD•added 2025/11/15 12:0 a.m.•2 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab EE versions 18.1 through 18.3 prior ...

5.3CVSS6.6AI score0.00017EPSS

Exploits0References2

SUSE CVE•added 2025/11/14 12:33 a.m.•1 views

SUSE CVE-2025-12818

Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions...

8.8CVSS7AI score0.00048EPSS

Exploits0References37

NVD•added 2025/11/13 1:15 p.m.•1 views

CVE-2025-12817

Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before...

3.1CVSS0.00061EPSS

Exploits0References1

Positive Technologies•added 2025/11/13 12:0 a.m.•1 views

PT-2025-46824

Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.1 PostgreSQL versions 13.23 and earlier PostgreSQL versions 14.20 and earlier PostgreSQL versions 15.15 and earlier PostgreSQL versions 16.11 and earlier PostgreSQL versions 17.7 and earlier Description An integ...

5.9CVSS6.1AI score0.00061EPSS

Exploits0References123