Lucene search
K

267 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

RHEL 10 : postgresql16 (RHSA-2026:27743)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27743 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...

8.8CVSS6.9AI score0.00668EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.10 views

RHEL 10 : postgresql16 (RHSA-2026:27718)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27718 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...

8.8CVSS6.9AI score0.00668EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

RHEL 9 : postgresql (RHSA-2026:27741)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27741 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system accou...

8.8CVSS7AI score0.00668EPSS
Exploits0References10
AlmaLinux
AlmaLinux
added 2026/06/22 12:0 a.m.7 views

Important: postgresql security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References10
AlmaLinux
AlmaLinux
added 2026/06/22 12:0 a.m.5 views

Important: libpq security update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.6 views

MiracleLinux 8 : [security - high] postgresql:15, postgresql-15.18-1.module+el8+1991+27afe6d7 (AXSA:2026-811:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-811:01 advisory. postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can cause...

8.8CVSS7AI score0.00668EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/19 8:51 a.m.5 views

Security Bulletin: IBM ApplinX is vulnerable to multiple vulnerabilities due to the use of Bouncy Castle library (CVE-2023-33202, CVE-2025-8916, CVE-2026-5588, CVE-2025-14813, CVE-2026-5598, CVE-2026-0636)

Summary IBM ApplinX is vulnerable to an Uncontrolled Resource Consumption vulnerability, an Allocation of Resources Without Limits or Throttling vulnerability, a Use of a Broken or Risky Cryptographic Algorithm, a Covert Timing Channel vulnerability and an Improper Neutralization of Special...

9.9CVSS7.1AI score0.00932EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/17 11:59 a.m.6 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

8.8CVSS5.6AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 11:59 a.m.5 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.5AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 8:59 a.m.7 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 8:2 a.m.6 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 2:10 p.m.5 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Use of a Broken or Risky Cryptographic Algorithm, Covert Timing Channel (CVE-2025-14813, CVE-2026-5598)

Summary There are vulnerabilities in bcprov-jdk18on-1.83.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-14813, CVE-2026-5598. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm...

9.9CVSS5.3AI score0.00691EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/16 12:18 p.m.8 views

Important: Red Hat Security Advisory: postgresql:16 security update

An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS5.6AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 12:18 p.m.5 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.4AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 8:5 a.m.9 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS5.4AI score0.00668EPSS
Exploits0References3
OSV
OSV
added 2026/06/16 12:0 a.m.9 views

ALSA-2026:26181 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write...

8.8CVSS5.5AI score0.00668EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.6 views

RHEL 8 : postgresql:15 (RHSA-2026:26181)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26181 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery vi...

8.8CVSS7AI score0.00668EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2026/06/09 9:50 a.m.17 views

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST , needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the driv...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.12 views

Hiding the Trees in the Forest: Building Network Covert Channels with Hash-Based Covert Carrier Filtering

As an effective anti-censorship mechanism, network covert channels can provide data privacy protection and ensure communication security. However, the covertness of existing network covert channels primarily depends on the secrecy of their covert algorithms. With the increasing depth of research ...

5.4AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 2:41 p.m.9 views

Security Bulletin: IBM Technical Support Appliance is affected by a timing channel vulnerability in Bouncy Castle BC-JAVA

Summary IBM Technical Support Appliance TSA includes a vulnerable version of the Bouncy Castle BC-JAVA library bcprov-jdk18on-1.78.1.jar. A flaw in the FrodoEngine component may expose information through a covert timing channel, potentially affecting the confidentiality of cryptographic operatio...

9.9CVSS5.5AI score0.00691EPSS
Exploits0Affected Software1
Rows per page
Query Builder