CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0...

6CVSS7.6AI score0.00283EPSS

Exploits1References2

SUSE CVE•added 2023/02/15 5:59 a.m.•3 views

SUSE CVE-2010-1170

The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltclmodules table regardless of the table's ownership and permissions, which allows remo...

6CVSS7.5AI score0.00283EPSS

Exploits1References7

OSV•added 2020/06/03 6:15 p.m.•3 views

CVE-2020-3204

A vulnerability in the Tool Command Language Tcl interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system OS with root privileges. The vulnerability is due...

6.7CVSS7AI score

Exploits0References1

OSV•added 2019/08/13 8:15 p.m.•2 views

CVE-2019-14984

eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMDEXEC to execute TCL code from a POST request...

8.1CVSS6AI score0.09231EPSS

Exploits1References1

NVD•added 2019/08/13 8:15 p.m.•11 views

CVE-2019-14984

8.1CVSS8.6AI score0.09231EPSS

Exploits1References1

Prion•added 2019/08/13 8:15 p.m.•14 views

Design/Logic Flaw

6.8CVSS8.4AI score0.09231EPSS

Exploits1References1Affected Software2

Cvelist•added 2019/08/13 7:15 p.m.•12 views

CVE-2019-14984

8.6AI score0.09231EPSS

Exploits1References1

Tenable Nessus•added 2010/12/02 12:0 a.m.•36 views

SuSE 11 / 11.1 Security Update : postgresql (SAT Patch Numbers 2457 / 2458)

This update of postgresql fixes several minor security vulnerabilities : - Postgresql does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings. CVE-2010-1975 - The PL/Tcl implementation in postgresql loa...

8.5CVSS8.7AI score0.07672EPSS

Exploits4References12

OpenVAS•added 2010/05/28 12:0 a.m.•28 views

Ubuntu Update for PostgreSQL vulnerabilities USN-942-1

Ubuntu Update for Linux kernel vulnerabilities USN-942-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9421.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for PostgreSQL vulnerabilities USN-942-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

8.5CVSS0.6AI score0.00781EPSS

Exploits1References2

Tenable Nessus•added 2010/05/25 12:0 a.m.•232 views

Debian DSA-2051-1 : postgresql-8.3 - several vulnerabilities

Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-1169 Tim Bunce discovered that the implementation of the procedural language PL/Perl insufficiently...

8.5CVSS8.5AI score0.09972EPSS

Exploits6References10

Ubuntu•added 2010/05/21 5:3 p.m.•72 views

USN-942-1: PostgreSQL vulnerabilities

It was discovered that the Safe.pm module as used by PostgreSQL did not properly restrict PL/perl procedures. If PostgreSQL was configured to use Perl stored procedures, a remote authenticated attacker could exploit this to execute arbitrary Perl code. CVE-2010-1169 It was discovered that...

8.5CVSS8.5AI score0.00781EPSS

Exploits2

NVD•added 2010/05/19 6:30 p.m.•18 views

CVE-2010-1170

6CVSS6.9AI score0.00283EPSS

Exploits1References36

CVE•added 2010/05/19 6:13 p.m.•191 views

CVE-2010-1170

CVE-2010-1170 affects the PL/Tcl implementation in PostgreSQL versions prior to 7.4.29, 8.0 prior to 8.0.25, 8.1 prior to 8.1.21, 8.2 prior to 8.2.17, 8.3 prior to 8.3.11, 8.4 prior to 8.4.4, and 9.0 Beta prior to 9.0 Beta 2. The vulnerability arises because Tcl code is loaded from the pltcl_modu...

6CVSS7.1AI score0.00283EPSS

Exploits1References36Affected Software1

Prion•added 2008/09/11 9:6 p.m.•12 views

Code injection

Unspecified vulnerability in Novell Forum formerly SiteScape Forum 7.0, 7.1, 7.2, 7.3, and 8.0 allows remote attackers to execute arbitrary TCL code via a modified URL. NOTE: this might overlap CVE-2007-6515...

7.5CVSS7.6AI score0.13687EPSS

Exploits5References6Affected Software1

CVE•added 2008/09/11 2:0 p.m.•47 views

CVE-2008-4047

CVE-2008-4047 affects Novell Forum (SiteScape Forum) versions 7.0–8.0. It enables remote attackers to execute arbitrary TCL code by supplying a modified URL, as described in the CVE entry (note possible overlap with CVE-2007-6515). The provided documents confirm the existence of a TCL injection v...

7.5CVSS7.3AI score0.01277EPSS

Exploits4References6Affected Software1

Cvelist•added 2008/09/11 2:0 p.m.•13 views

CVE-2008-4047

7.3AI score0.01277EPSS

Exploits4References6

Prion•added 2007/12/21 10:46 p.m.•15 views

Code injection

support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string...

7.5CVSS7.7AI score0.13687EPSS

Exploits5References7

Rows per page