Lucene search
+L

125 matches found

OSV
OSV
added 2026/06/22 12:0 a.m.4 views

ALSA-2026:27743 Important: postgresql16 security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

8.8CVSS6AI score0.00668EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

RHEL 10 : postgresql18 (RHSA-2026:27742)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27742 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...

8.8CVSS6.9AI score0.00668EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.6 views

MiracleLinux 8 : [security - high] postgresql:15, postgresql-15.18-1.module+el8+1991+27afe6d7 (AXSA:2026-811:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-811:01 advisory. postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can cause...

8.8CVSS7AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 11:59 a.m.9 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.5AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 8:59 a.m.10 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 8:2 a.m.10 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
OSV
OSV
added 2026/06/17 12:0 a.m.5 views

RLSA-2026:26181 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write...

8.8CVSS5.4AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 12:18 p.m.7 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 12:18 p.m.11 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.5AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 8:5 a.m.9 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.7 views

RHEL 8 : postgresql:15 (RHSA-2026:26181)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26181 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery vi...

8.8CVSS7AI score0.00668EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the use of hardcoded DES keys for encrypting configuration backups, which may allow attackers to decry...

7.1CVSS5.4AI score0.00104EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/29 5:36 p.m.107 views

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

Simple-CTF-Writeup Professional TryHackMe Simple CTF walkthrou...

8.1CVSS7.4AI score0.55958EPSS
Exploits38
RedhatCVE
RedhatCVE
added 2026/05/28 11:5 a.m.11 views

CVE-2026-6478

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.7AI score0.00558EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/26 11:31 p.m.2 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS6.6AI score0.00558EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.12 views

SUSE CVE-2026-44061

Netatalk 1.5.0 through 4.4.2 uses DES-ECB for authentication with a timing side channel, which allows a remote attacker to recover authentication credentials via timing analysis...

5.9CVSS5.8AI score0.00389EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 7:34 a.m.9 views

CVE-2026-44061 DES-ECB auth with timing side channel

Netatalk 1.5.0 through 4.4.2 uses DES-ECB for authentication with a timing side channel, which allows a remote attacker to recover authentication credentials via timing analysis...

5.9CVSS5.8AI score0.00389EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/21 7:34 a.m.8 views

CVE-2026-44061

Netatalk 1.5.0 through 4.4.2 uses DES-ECB for authentication with a timing side channel, which allows a remote attacker to recover authentication credentials via timing analysis...

5.9CVSS5.8AI score0.00389EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 1.5.0 to 4.4.2 of Netatalk have security vulnerabilities. These vulnerabilities stem from the use of DES-ECB for authenticatio...

5.9CVSS5.9AI score0.00389EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42417

Name of the Vulnerable Software and Affected Versions Netatalk versions 1.5.0 through 4.4.2 Description The software uses DES-ECB Data Encryption Standard in Electronic Codebook mode for authentication, which is susceptible to a timing side channel. This allows a remote attacker to recover...

5.9CVSS5.8AI score0.00389EPSS
Exploits0References2
Rows per page
Query Builder