Lucene search
K

10064 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.2 views

Photon OS 5.0: Postgresql14 PHSA-2026-5.0-0762

An update of the postgresql14 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0762. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.8CVSS5.1AI score0.01208EPSS
Exploits3References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/13 12:0 a.m.2 views

postgresql15-15.16-1.1 on GA media (moderate)

postgresql15-15.16-1.1 on GA media Announcement ID: openSUSE-SU-2026:10191-1 Rating: moderate Cross-References: CVE-2026-2003 CVE-2026-2004 CVE-2026-2005 CVE-2026-2006 Affected Products: openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. Description: These are all...

8.8CVSS5.5AI score0.01208EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-2003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks...

4.3CVSS5.8AI score0.00281EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/12 6:41 p.m.6 views

CVE-2026-2003

A type validation flaw has been discovered in postgresql. Improper validation of the type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely. Mitigation Mitigation for this issu...

4.3CVSS5.6AI score0.00281EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/12 2:16 p.m.3 views

CVE-2026-2003

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

4.3CVSS5.8AI score0.00281EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/12 1:0 p.m.5 views

CVE-2026-2003

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

4.3CVSS5.5AI score0.00281EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:39 a.m.6 views

CVE-2003-1276

Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEYCURRENTUSER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts...

4.6CVSS7AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:39 a.m.15 views

CVE-2003-1582

Microsoft Internet Information Services IIS 6.0, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inver...

2.6CVSS6.2AI score0.10325EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:39 a.m.7 views

CVE-2003-1595

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors...

10CVSS7.1AI score0.01669EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:39 a.m.10 views

CVE-2003-1568

GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an invalid URL, related to the websSafeUrl function...

5CVSS7AI score0.01635EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:38 a.m.6 views

CVE-2003-1335

Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple and nice index file aka snif before 1.2.5 allows remote attackers to download files from locations above the snif directory...

5CVSS7.1AI score0.01549EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:38 a.m.6 views

CVE-2003-1323

Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors...

6.8CVSS6.7AI score0.00851EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:38 a.m.12 views

CVE-2003-1521

Sun Java Plug-In 1.4 through 1.4.202 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model...

6.4CVSS7.2AI score0.05836EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.9 views

CVE-2003-1569

GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service daemon crash via an HTTP request with a 1 con, 2 nul, 3 clock$, or 4 config$ device name in a path component, different vectors than CVE-2001-0385...

5CVSS7AI score0.0839EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.7 views

CVE-2003-1596

NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session...

7.5CVSS7.1AI score0.02005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.14 views

CVE-2003-1004

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service dropped IPSec tunnel connection via an IKE Phase I negotiation request to the outside interface of the firewall...

5CVSS7AI score0.01273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:37 a.m.6 views

CVE-2003-1246

NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver IPD 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command...

2.1CVSS6.8AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:21 a.m.7 views

CVE-2008-6819

win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service system crash via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084. NOTE: some of the...

7.2CVSS6.4AI score0.06753EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:15 a.m.6 views

CVE-2019-2003

In addLinks of Linkify.java, there is a possible phishing vector due to an unusual root cause. This could lead to remote code execution or misdirection of clicks with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

9.3CVSS7.9AI score0.0137EPSS
Exploits0References1
Richard Bejtlich's blog
Richard Bejtlich's blog
added 2026/01/08 7:40 p.m.6 views

Happy 23rd Birthday TaoSecurity Blog

Happy birthday TaoSecurity Blog, born on this day in 2003! The best way to digest the key lessons from this site is to browse my four volume Best of TaoSecurity Blog book series, published in 2020. It's available in print as seen here, or as a properly formatted HTML-based digital book -- none of...

6.8AI score
Exploits0
Rows per page
Query Builder