30 matches found

FreeBSD
added 2026/01/10 12:0 a.m. | 8 views

mail/mailpit -- Cross-Site WebSocket Hijacking

Mailpit author reports: The Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking (CSWSH) vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailp...

CVSS 6.5 | AI score 6.8 | EPSS 0.00208
Exploits: 2 | References: 1

Vulnrichment
added 2025/12/16 4:31 a.m. | 2 views

CVE-2025-13956 LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...

CVSS 5.3 | AI score 4.9 | EPSS 0.00917
Exploits: 0 | References: 2

OSV
added 2025/10/24 10:15 a.m. | 3 views

CVE-2025-5605

An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known...

CVSS 5.3 | AI score 6.6
Exploits: 0 | References: 1

OSV
added 2025/10/13 2:33 p.m. | 3 views

SUSE-SU-2025:03019-2 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...

CVSS 8.8 | AI score 7.8 | EPSS 0.00709
Exploits: 1 | References: 7

OSV
added 2025/09/11 10:21 a.m. | 3 views

SUSE-SU-2025:03005-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute...

CVSS 8.8 | AI score 8.2 | EPSS 0.00709
Exploits: 1 | References: 7

OSV
added 2025/09/11 10:21 a.m. | 1 views

SUSE-SU-2025:03005-2 Security update for postgresql16

This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute...

CVSS 8.8 | AI score 8.2 | EPSS 0.00709
Exploits: 1 | References: 7

Mageia
added 2025/09/08 7:35 p.m. | 6 views

Updated postgresql15 & postgresql13 packages fix security vulnerabilities

PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. CVE-2025-8713 PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client. CVE-2025-8714 PostgreSQL pg_dump newline in object name executes arbitrary code in psql client an...

CVSS 8.8 | AI score 7.9 | EPSS 0.00709
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/30 12:0 a.m. | 4 views

SUSE SLES15: postgresql14 / postgresql14-contrib / postgresql14-devel / etc (SUSE-SU-2025:03019-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03019-1 advisory. Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child...

CVSS 8.8 | AI score 7.4 | EPSS 0.00709
Exploits: 1 | References: 10

Tenable Nessus
added 2025/08/30 12:0 a.m. | 3 views

SUSE SLES15: postgresql15 / postgresql15-contrib / postgresql15-devel / etc (SUSE-SU-2025:03030-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03030-1 advisory. Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc124812...

CVSS 8.8 | AI score 7.4 | EPSS 0.00709
Exploits: 1 | References: 10

OSV
added 2025/08/29 3:13 p.m. | 3 views

SUSE-SU-2025:03031-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...

CVSS 8.8 | AI score 6.3 | EPSS 0.00709
Exploits: 1 | References: 7

OSV
added 2025/08/29 3:12 p.m. | 2 views

SUSE-SU-2025:03030-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...

CVSS 8.8 | AI score 6.3 | EPSS 0.00709
Exploits: 1 | References: 7

SUSE Linux
added 2025/08/29 8:32 a.m. | 3 views

Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code in...

CVSS 8.8 | AI score 7.8 | EPSS 0.00709
Exploits: 1 | References: 12

OSV
added 2025/08/29 8:32 a.m. | 1 views

SUSE-SU-2025:03020-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...

CVSS 8.8 | AI score 7.8 | EPSS 0.00709
Exploits: 1 | References: 7

OSV
added 2025/08/29 8:31 a.m. | 1 views

SUSE-SU-2025:03018-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...

CVSS 8.8 | AI score 7.8 | EPSS 0.00709
Exploits: 1 | References: 7

RedHat Linux
added 2025/08/28 10:24 a.m. | 4 views

postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...

CVSS 3.1 | AI score 7 | EPSS 0.00205
Exploits: 0 | References: 5

Tenable Nessus
added 2025/08/28 12:0 a.m. | 4 views

SUSE SLES15: libecpg6 / libpq5 / libpq5-32bit / postgresql17 / etc (SUSE-SU-2025:02995-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02995-1 advisory. Updated to 17.6: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc12481...

CVSS 8.8 | AI score 7.7 | EPSS 0.00709
Exploits: 1 | References: 10

Tenable Nessus
added 2025/08/28 12:0 a.m. | 2 views

SUSE SLES12: postgresql15 / postgresql15-contrib / postgresql15-devel / etc (SUSE-SU-2025:03004-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03004-1 advisory. Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). -...

CVSS 8.8 | AI score 7.4 | EPSS 0.00709
Exploits: 1 | References: 10

SUSE Linux
added 2025/08/27 1:42 p.m. | 2 views

Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.22: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code in...

CVSS 8.8 | AI score 8 | EPSS 0.00709
Exploits: 1 | References: 12

OSV
added 2025/08/27 12:1 p.m. | 4 views

SUSE-SU-2025:02995-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: Updated to 17.6: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table (bsc#1248120) CVE-2025-8714: Fixed untrusted data inclusion in pg_dump allows superuser of origin server to execute...

CVSS 8.8 | AI score 8 | EPSS 0.00709
Exploits: 1 | References: 7

OSV
added 2025/08/27 12:0 p.m. | 4 views

SUSE-SU-2025:02994-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.22: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...

CVSS 8.8 | AI score 7.7 | EPSS 0.00709
Exploits: 1 | References: 7