Lucene search
K

52 matches found

Fedora
Fedora
added 4 days ago9 views

[SECURITY] Fedora 44 Update: prometheus-3.13.0-1.fc44

The Prometheus monitoring system and time series database...

9.3CVSS6.1AI score0.00397EPSS
Exploits1
Fedora
Fedora
added 4 days ago8 views

[SECURITY] Fedora 43 Update: prometheus-3.13.0-1.fc43

The Prometheus monitoring system and time series database...

9.3CVSS6.1AI score0.00397EPSS
Exploits1
Fedora
Fedora
added 2026/06/23 1:9 a.m.7 views

[SECURITY] Fedora 44 Update: prometheus-3.12.0-1.fc44

The Prometheus monitoring system and time series database...

7.5CVSS5.8AI score0.00761EPSS
Exploits1
Fedora
Fedora
added 2026/06/23 12:54 a.m.6 views

[SECURITY] Fedora 43 Update: prometheus-3.12.0-1.fc43

The Prometheus monitoring system and time series database...

7.5CVSS5.8AI score0.00761EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48533

🚨 CVE-2026-42542 TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are...

7.5CVSS5.3AI score0.00539EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.13 views

CVE-2026-42087

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database TSDB component of COSMOS. The tsdblookup function in the...

9.6CVSS5.9AI score0.00323EPSS
Exploits1References1
NVD
NVD
added 2026/05/04 6:16 p.m.19 views

CVE-2026-42087

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database TSDB component of COSMOS. The tsdblookup function in the...

9.6CVSS0.00323EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/04 5:18 p.m.37 views

CVE-2026-42087 OpenC3 COSMOS: SQL Injection in QuestDB Time-Series Data Base

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database TSDB component of COSMOS. The tsdblookup function in the...

9.6CVSS0.00323EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/04 5:18 p.m.7 views

CVE-2026-42087 OpenC3 COSMOS: SQL Injection in QuestDB Time-Series Data Base

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database TSDB component of COSMOS. The tsdblookup function in the...

9.6CVSS6AI score0.00323EPSS
Exploits1References3
CVE
CVE
added 2026/05/04 5:18 p.m.23 views

CVE-2026-42087

OpenC3 COSMOS TSDB is affected by a SQL injection in the tsdb_lookup function of cvt_model.rb, where user-supplied input is directly placed into a SQL query. Affected versions are 6.7.0 through 7.0.0-rc2 (before the patched 7.0.0-rc3). This allows an attacker to break out of the initial SQL state...

9.6CVSS6AI score0.00323EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/05/04 5:18 p.m.16 views

EUVD-2026-27063

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database TSDB component of COSMOS. The tsdblookup function in the...

9.6CVSS6AI score0.00323EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:18 p.m.8 views

CVE-2026-42087

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database TSDB component of COSMOS. The tsdblookup function in the...

9.6CVSS6AI score0.00323EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/05/04 5:18 p.m.3 views

CVE-2026-42087 OpenC3 COSMOS: SQL Injection in QuestDB Time-Series Data Base

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to before version 7.0.0-rc3, a SQL injection vulnerability exists in the Time-Series Database TSDB component of COSMOS. The tsdblookup function in the...

9.6CVSS6.1AI score0.00323EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

OpenC3 COSMOS SQL注入漏洞

OpenC3 COSMOS is an open-source application developed by OpenC3. In versions 6.7.0 to 7.0.0-rc3 of OpenC3 COSMOS, there was a SQL injection vulnerability. This vulnerability stemmed from the tsdblookup function in the Time-Series Database component, which directly accepted user input without prop...

9.6CVSS5.8AI score0.00323EPSS
Exploits1References1
OSV
OSV
added 2026/04/23 2:12 p.m.7 views

GHSA-V529-VHWC-WFC5 OpenC3 COSMOS has SQL Injection in QuestDB Time-Series Database

Vulnerability Type: CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' Attack type: Authenticated remote Impact: Telemetry data disclosure and deletion Affected components: openc3-tsdb QuestDB A SQL injection vulnerability exists in the Time-Series Database...

9.6CVSS6.2AI score0.00323EPSS
Exploits1References6
Snyk
Snyk
added 2026/04/23 2:12 p.m.4 views

SQL Injection

Overview openc3 is a Python support for OpenC3 COSMOS Affected versions of this package are vulnerable to SQL Injection via the query construction in the TSDB access code. An attacker can execute arbitrary TSDB queries by supplying crafted starttime, endtime, or column/table-related values that a...

9.6CVSS6.1AI score0.00323EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/04/15 11:16 p.m.8 views

CVE-2026-40179

Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...

6.1CVSS6.1AI score0.0024EPSS
Exploits0References3
CNVD
CNVD
added 2026/03/16 12:0 a.m.3 views

Apache IoTDB Improper Input Validation Vulnerability

Apache IoTDB is an open source time series database developed by Apache Software Foundation for large-scale time series data storage and analysis in IoT scenarios. Apache IoTDB suffers from an improper input validation vulnerability. The vulnerability arises because the system does not perform...

9.8CVSS6.1AI score0.00662EPSS
Exploits0
Fedora
Fedora
added 2026/03/07 3:33 a.m.14 views

[SECURITY] Fedora 42 Update: prometheus-3.10.0-1.fc42

The Prometheus monitoring system and time series database...

7.5CVSS5.8AI score0.00626EPSS
Exploits1
Fedora
Fedora
added 2026/03/07 2:25 a.m.12 views

[SECURITY] Fedora 43 Update: prometheus-3.10.0-1.fc43

The Prometheus monitoring system and time series database...

7.5CVSS7.3AI score0.00626EPSS
Exploits0
Rows per page
Query Builder