3405 matches found

FreeBSD
added 2023/11/09 12:0 a.m. · 30 views

postgresql-server -- Role pg_cancel_backend can signal certain superuser processes

PostgreSQL Project reports: Documentation says the pg_cancel_backend role cannot signal "a backend owned by a superuser". On the contrary, it can signal background workers, including the logical replication launcher. It can signal autovacuum workers and the autovacuum launcher. Signaling autovacuum...

CVSS 4.4 · AI score 7.3 · EPSS 0.02555
Exploits: 0 · References: 1

IBM Security Bulletins
added 2023/11/08 12:47 p.m. · 22 views

Security Bulletin: Data Replication on Cloud Pak for Data vulnerable to Apache James MIME4J vulnerability

Summary A vulnerability in Apache James MIME4J is addressed. Vulnerability Details CVEID:CVE-2022-45787 DESCRIPTION: Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information, caused by improper laxist permissions on the temporary files. By sending a...

CVSS 5.5 · AI score 5.9 · EPSS 0.00271
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2023/11/08 12:42 p.m. · 24 views

Security Bulletin: A systemd vulnerability affects Data Replication on Cloud Pak for Data (CVE-2022-4415)

Summary This bulletin covers a vulnerability finding in the systemd package used with this product. Vulnerability Details CVEID:CVE-2022-4415 DESCRIPTION: systemd could allow a local authenticated attacker to obtain sensitive information, caused by not respecting fs.suid_dumpable kernel setting in...

CVSS 5.5 · AI score 5.3 · EPSS 0.00867
Exploits: 1 · Affected Software: 1

IBM Security Bulletins
added 2023/11/08 12:37 p.m. · 41 views

Security Bulletin: A vulnerability in Node.js http-cache-semantics package affects Data Replication on Cloud Pak for Data

Summary A vulnerability in Node.js http-cache-semantics package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression denial of...

CVSS 7.5 · AI score 6.8 · EPSS 0.01613
Exploits: 1 · Affected Software: 1

Positive Technologies
added 2023/11/08 12:0 a.m. · 3 views

PT-2023-6889 · Unknown +11 · Postgresql +10

Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: The issue is related to the pg signal backend role in PostgreSQL, which allows signaling certain superuser processes. This can be exploited by a remote high-privileged user to launch a...

CVSS 8.8 · AI score 6 · EPSS 0.04322
Exploits: 1 · References: 234

IBM Security Bulletins
added 2023/11/07 9:50 p.m. · 36 views

Security Bulletin: Multiple vulnerabilities in jsonwebtoken package affects Data Replication on Cloud Pak for Data

Summary Multiple vulnerabilities in jsonwebtoken package used in Data Replication on Cloud Pak for Data were addressed. Vulnerability Details CVEID:CVE-2022-23541 DESCRIPTION: Auth0 jsonwebtoken could allow a remote authenticated attacker to bypass security restrictions, caused by an insecure...

CVSS 8.1 · AI score 7.2 · EPSS 0.00753
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2023/11/07 9:43 p.m. · 24 views

Security Bulletin: A vulnerability in Node.js bl package affects Data Replication on Cloud Pak for Data

Summary A vulnerability in Node.js bl package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID:CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer over-read flaw in the consume...

CVSS 6.5 · AI score 6.6 · EPSS 0.02123
Exploits: 1 · Affected Software: 1

IBM Security Bulletins
added 2023/11/07 9:39 p.m. · 28 views

Security Bulletin: An unspecified IBM SDK, Java Technology Edition vulnerability affects InfoSphere Data Replication

Summary An unspecified IBM SDK, Java Technology Edition vulnerability is addressed. Vulnerability Details CVEID:CVE-2022-21626 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a...

CVSS 5.3 · AI score 5.3 · EPSS 0.01746
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2023/11/07 9:27 p.m. · 34 views

Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition affects InfoSphere Data Replication

Summary Multiple vulnerabilities in IBM SDK, Java Technology Edition used in InfoSphere Data Replication were addressed. Vulnerability Details CVEID: CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could...

CVSS 7.4 · AI score 6.8 · EPSS 0.01523
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2023/11/07 9:20 p.m. · 24 views

Security Bulletin: A vulnerability in Golang Go package affects Data Replication on Cloud Pak for Data

Summary A vulnerability in Golang Go package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID: CVE-2022-41723 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in the HPACK decoder. By sending a specially-crafted HTTP/2 stream, ...

CVSS 7.5 · AI score 6.6 · EPSS 0.04561
Exploits: 0 · Affected Software: 1

IBM Security Bulletins
added 2023/11/07 9:16 p.m. · 41 views

Security Bulletin: Multiple vulnerabilities in Golang Go package affects Data Replication on Cloud Pak for Data

Summary Multiple vulnerabilities in Golang Go package used in Data Replication on Cloud Pak for Data were addressed. Vulnerability Details CVEID:CVE-2022-27664 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted request, a remot...

CVSS 7.5 · AI score 7.7 · EPSS 0.02513
Exploits: 1 · Affected Software: 1

IBM Security Bulletins
added 2023/11/07 9:10 p.m. · 22 views

Security Bulletin: A vulnerability in tar package affects Data Replication on Cloud Pak for Data

Summary A vulnerability in tar package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID:CVE-2022-48303 DESCRIPTION: GNU Tar is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the from_header function in list.c when processing ...

CVSS 5.5 · AI score 6.7 · EPSS 0.04524
Exploits: 1 · Affected Software: 1

IBM Security Bulletins
added 2023/11/07 9:8 p.m. · 35 views

Security Bulletin: A vulnerability in SnakeYaml package affects Data Replication on Cloud Pak for Data

Summary A vulnerability in SnakeYaml package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID: CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in...

CVSS 9.8 · AI score 7.8 · EPSS 0.99615
Exploits: 7 · Affected Software: 1

IBM Security Bulletins
added 2023/11/07 8:35 p.m. · 32 views

Security Bulletin: A vulnerability in libksba package affects Data Replication on Cloud Pak for Data

Summary A vulnerability in libksba package used in Data Replication on Cloud Pak for Data was addressed. Vulnerability Details CVEID: CVE-2022-47629 DESCRIPTION: Libksba could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the CRL signature parse...

CVSS 9.8 · AI score 8 · EPSS 0.0155
Exploits: 2 · Affected Software: 1

Tenable Nessus
added 2023/11/06 12:0 a.m. · 22 views

Rocky Linux 8 : mysql:8.0 (RLSA-2020:3732)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:3732 advisory. mysql: Server: Security: Privileges multiple unspecified vulnerabilities CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774,...

CVSS 7.2 · AI score 6.5 · EPSS 0.03726
Exploits: 1 · References: 209

Fedora
added 2023/11/03 7:1 p.m. · 25 views

[SECURITY] Fedora 39 Update: redis-7.2.2-1.fc39

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

CVSS 3.6 · AI score 7.2 · EPSS 0.00444
Exploits: 0

SUSE CVE
added 2023/10/31 2:31 a.m. · 2 views

SUSE CVE-2020-2763

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...

CVSS 4.9 · AI score 6 · EPSS 0.02199
Exploits: 0 · References: 2

SUSE CVE
added 2023/10/31 2:31 a.m. · 3 views

SUSE CVE-2020-2759

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 4.9 · AI score 6 · EPSS 0.02199
Exploits: 0 · References: 2

SUSE CVE
added 2023/10/31 2:31 a.m. · 2 views

SUSE CVE-2020-2921

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...

CVSS 4.4 · AI score 5.7 · EPSS 0.01828
Exploits: 0 · References: 2

SUSE CVE
added 2023/10/31 2:31 a.m. · 4 views

SUSE CVE-2020-2926

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication GCS. Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 4.4 · AI score 5.7 · EPSS 0.01854
Exploits: 0 · References: 2