CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/05/30 12:0 a.m.•6 views

SUSE SLES12 Security Update : postgresql15 (SUSE-SU-2025:01749-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:01749-1 advisory. Upgrade to 15.13: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validatio...

5.9CVSS6.7AI score0.00345EPSS

OSV•added 2025/05/29 8:59 p.m.•1 views

GO-2025-3719 Traefik allows path traversal using url encoding in github.com/traefik/traefik

Traefik allows path traversal using url encoding in github.com/traefik/traefik...

9.1CVSS7.1AI score0.00399EPSS

SUSE Linux•added 2025/05/29 1:30 p.m.•1 views

Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.5: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/ Patch Instructions: To...

5.9CVSS7.2AI score0.00345EPSS

OSV•added 2025/05/29 1:30 p.m.•2 views

SUSE-SU-2025:01644-2 Security update for postgresql17

This update for postgresql17 fixes the following issues: Upgrade to 17.5: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/17.5/...

SUSE Linux•added 2025/05/29 12:48 p.m.•1 views

Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.21: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/13.21/ Patch Instructions: T...

5.9CVSS7.2AI score0.00345EPSS

OSV•added 2025/05/29 12:48 p.m.•1 views

SUSE-SU-2025:01750-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.21: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/13.21/...

SUSE Linux•added 2025/05/29 12:44 p.m.•1 views

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.13: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/15.13/ Patch Instructions: T...

5.9CVSS7.2AI score0.00345EPSS

OSV•added 2025/05/29 12:44 p.m.•3 views

SUSE-SU-2025:01749-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.13: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/15.13/...

SUSE Linux•added 2025/05/29 12:42 p.m.•0 views

Security update for postgresql15

5.9CVSS6AI score0.00345EPSS

OSV•added 2025/05/29 12:42 p.m.•1 views

SUSE-SU-2025:01748-1 Security update for postgresql15

Debian•added 2025/05/29 7:18 a.m.•8 views

[SECURITY] [DLA 4187-1] varnish security update

Debian LTS Advisory DLA-4187-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 28, 2025 https://wiki.debian.org/LTS Package : varnish Version : 6.5.1-1+deb11u5 CVE ID : CVE-2025-47905 A client-side desync vulnerability can be triggered in Varnish, a...

5.4CVSS6.3AI score0.0029EPSS

Amazon•added 2025/05/29 12:0 a.m.•2 views

Important: runfinch-finch

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

Tenable Nessus•added 2025/05/29 12:0 a.m.•4 views

Amazon Linux 2 : nerdctl (ALAS-2025-2863)

The version of nerdctl installed on the remote host is prior to 2.0.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2863 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a...

9.1CVSS7.3AI score0.00294EPSS

Exploits0References6

Tenable Nessus•added 2025/05/29 12:0 a.m.•6 views

Debian dla-4187 : libvarnishapi-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4187 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4187-1 [email protected] https://www.debian.org/lts/security/...

5.4CVSS6.1AI score0.0029EPSS

Amazon•added 2025/05/29 12:0 a.m.•6 views

Important: soci-snapshotter

Amazon•added 2025/05/29 12:0 a.m.•2 views

Medium: postgresql

Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...

5.9CVSS6.8AI score0.00345EPSS

Tenable Nessus•added 2025/05/29 12:0 a.m.•5 views

Amazon Linux 2 : oci-add-hooks (ALASNITRO-ENCLAVES-2025-061)

The version of oci-add-hooks installed on the remote host is prior to 0-0.3.20200504git325a340. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-061 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid...

9.1CVSS7AI score0.00294EPSS

Amazon•added 2025/05/29 12:0 a.m.•3 views

Important: oci-add-hooks

Amazon•added 2025/05/29 12:0 a.m.•4 views

Important: oci-add-hooks