25101 matches found
PT-2026-25612
Name of the Vulnerable Software and Affected Versions OpenLiteSpeed and LSWS Enterprise versions affected versions not specified Description OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection issue. An attacker with administrative privileges can...
EulerOS 2.0 SP10 : python-urllib3 (EulerOS-SA-2026-1348)
According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by...
PT-2026-25547
Name of the Vulnerable Software and Affected Versions mlflow versions prior to 3.7.0 Description A command injection issue exists due to the direct interpolation of user-supplied container image names into shell commands without proper sanitization. These commands are then executed using the...
GHSA-GC25-M8G6-JP4F vulnerabilities
Vulnerabilities for packages: chromium...
Security Bulletin: Vulnerability in libxml2 (CVE-2025-8732) affects AIX/VIOS
Summary Updated Mar 13 2026: Added iFix information for VIOS 3.1. Vulnerability in libxml2 could cause an uncontrolled recursion CVE-2025-8732. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2025-8732 DESCRIPTION: A vulnerability was found in libxml2 up to...
CVE-2026-25817
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have improper neutralization of special elements used in an OS command allowing remote code execution by attackers with low privilege access on the gateway,...
Apple Security Advisory 03-11-2026-1
Apple Security Advisory 03-11-2026-1 - iOS 16.7.15 and iPadOS 16.7.15 addresses memory corruption issues...
ROS-20260313-73-0021
A vulnerability in the raid10makerequest function of the raid10 component of the raid10 kernel of the Linux operating system is related to the failure to free memory after an effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2026-29775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap out- of-bounds read/write occurs in FreeRDP's bitmap cache...
postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code
A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the pgcrypto component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code
Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code
A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the pgcrypto component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code
Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code
A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the pgcrypto component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...
postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code
A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the pgcrypto component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database...