Lucene search
K

26 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.12 views

SUSE SLES15 Security Update : postgresql17 (SUSE-SU-2026:2303-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2303-1 advisory. This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: - CVE-2026-6472: ensure the user...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References33
OSV
OSV
added 2026/06/08 3:27 p.m.10 views

SUSE-SU-2026:2303-1 Security update for postgresql17

This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References23
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.12 views

CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

7.2CVSS6AI score0.00287EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/05/18 7:46 a.m.9 views

Security update for postgresql17

This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References46
EUVD
EUVD
added 2025/11/26 9:31 p.m.8 views

EUVD-2025-199759

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an unauthenticated user to cause a Denial of Service condition by sending specifically crafted requests containing malicious JSON...

7.5CVSS6.4AI score0.00443EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/26 7:46 p.m.3 views

CVE-2025-12571 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an unauthenticated user to cause a Denial of Service condition by sending specifically crafted requests containing malicious JSON...

7.5CVSS6.5AI score0.00443EPSS
Exploits0References3
CVE
CVE
added 2025/10/27 12:5 a.m.34 views

CVE-2025-10497

GitLab CVE-2025-10497 affects GitLab CE/EE versions: 17.10–18.3.5 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1. An unauthenticated attacker could cause a denial-of-service by sending specially crafted payloads. A patch is available in GitLab 18.5.1 (and related patch releases) to rem...

7.5CVSS6.5AI score0.00588EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/04/10 12:0 a.m.4 views

GitLab Enterprise Edition(EE) 安全漏洞

GitLab Enterprise Edition EE is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition EE that originates from an attacker being able to perform sensitive keyword searches. The following products and versions are affected:...

7.5CVSS6.3AI score0.00317EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.7 views

PT-2025-15979 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 17.1 through 17.8.6 GitLab EE versions 17.9 through 17.9.5 GitLab EE versions 17.10 through 17.10.3 Description: An issue has been discovered in GitLab EE that allows attackers to perform targeted searches with sensitive...

7.5CVSS5.9AI score0.00317EPSS
Exploits0References12
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.8 views

Microsoft Visual Studio和Microsoft .NET 安全漏洞

Microsoft Visual Studio and Microsoft .NET are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle. Microsoft .NET...

7.5CVSS7.4AI score0.02701EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.5 views

Microsoft Visual Studio and Microsoft .NET Security Vulnerabilities

Microsoft Visual Studio and Microsoft .NET are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle. Microsoft .NET...

8.1CVSS6.8AI score0.02565EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

Zoom Client 安全漏洞

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in Zoom Client versions prior to 5.17.10 that stems from improper privilege management and could allow authenticated users to escalate privileges via local access...

7.8CVSS6.7AI score0.00154EPSS
Exploits0References2
OSV
OSV
added 2024/01/12 3:15 a.m.3 views

DEBIAN-CVE-2022-48619

An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service panic because inputsetcapability mishandles the situation in which an event code falls outside of a bitmap...

5.5CVSS6.5AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2022/06/23 5:15 p.m.7 views

AZL-45402 CVE-2022-29526 affecting package delve 1.5.0-16

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

5.3CVSS6.8AI score0.02593EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/09/14 12:0 a.m.5 views

Microsoft Dynamics Business Central 跨站脚本漏洞

Microsoft Dynamics Business Central is an enterprise resource planning system from Microsoft. The system includes functionality for financial management, project management, and supply chain management. A cross-site scripting vulnerability exists in Microsoft Dynamics Business Central Control. Th...

5.4CVSS6.2AI score0.00983EPSS
Exploits0References3
Gitee
Gitee
added 2020/09/25 11:2 a.m.8 views

MS17-010

This repository is for public analysis of the MS17-010 vulnerability. The vulnerability is related to the SMB Server Message Block protocol and affects Windows operating systems. The repository contains various PoCs Proof of Concepts and exploits for different versions of Windows, including Windo...

8AI score
Exploits0
CNVD
CNVD
added 2018/12/17 12:0 a.m.3 views

Micro Focus Fortify Software Security Center Unauthorized Access Vulnerability

Micro Focus Fortify Software Security Center SSC is a suite of software lifecycle security management solutions from Micro Focus UK. The product includes centralized management of application security, automated auditing and risk management. An unauthorized access vulnerability exists in Micro...

6.5CVSS7.1AI score0.07411EPSS
Exploits4References1
CNVD
CNVD
added 2018/07/27 12:0 a.m.22 views

Linux kernel buffer overflow vulnerability (CNVD-2018-14219)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the 'truncateinlineinode' function in the fs/f2fs/inline.c file in Linux kernel versions 4.17.10 and earlier, which stems fro...

7.1CVSS6.3AI score0.02306EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/27 12:0 a.m.12 views

Linux kernel invalid pointer dereference vulnerability (CNVD-2018-24480)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'delrelocroot' function of the fs/btrfs/relocation.c file in Linux kernel versions 4.17.10 and earlier, where the vulnerable...

7.1CVSS5.8AI score0.02691EPSS
Exploits1References1
OSV
OSV
added 2018/05/16 11:55 a.m.4 views

USN-3648-1 curl vulnerabilities

Dario Weisser discovered that curl incorrectly handled long FTP server command replies. If a user or automated system were tricked into connecting to a malicious FTP server, a remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute...

9.8CVSS7.3AI score0.06003EPSS
Exploits0References3
Rows per page
Query Builder