Lucene search
K

207 matches found

The Hacker News
The Hacker News
added 2 days ago12 views

DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts

A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last week of June 2026 and into early July, per findings from ZeroBEC. "The campaign did not depend on a fake Microsoft password page. It used a...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2 days ago14 views

Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants

Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial intelligence AI platform, that could result in cross-tenant compromise. The one-click vulnerability has been codenamed WriteOut by the Sand...

6.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/01 6:20 p.m.6 views

Important: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 1:11 p.m.9 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

8.8CVSS7AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 12:26 p.m.6 views

Important: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.6 views

RHEL 9 : postgresql:15 (RHSA-2026:32983)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:32983 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system accou...

8.8CVSS7AI score0.00668EPSS
Exploits0References10
Rockylinux
Rockylinux
added 2026/06/24 12:1 p.m.8 views

libpq security update

An update is available for libpq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libpq package provides the PostgreSQL client library, which allows client...

8.8CVSS5.9AI score0.00668EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/22 8:17 p.m.10 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 6:5 a.m.8 views

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

8.8CVSS6AI score0.00324EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 5:40 a.m.10 views

Important: Red Hat Security Advisory: libpq security update

An update for libpq is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
OSV
OSV
added 2026/06/22 12:0 a.m.4 views

ALSA-2026:28037 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite...

8.8CVSS7AI score0.00668EPSS
Exploits0References10
OSV
OSV
added 2026/06/22 12:0 a.m.4 views

ALSA-2026:27743 Important: postgresql16 security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

8.8CVSS6AI score0.00668EPSS
Exploits0References10
OSV
OSV
added 2026/06/22 12:0 a.m.6 views

ALSA-2026:27741 Important: postgresql security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References10
OSV
OSV
added 2026/06/22 12:0 a.m.4 views

ALSA-2026:27738 Important: libpq security update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

RHEL 10 : postgresql16 (RHSA-2026:27743)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27743 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...

8.8CVSS6.9AI score0.00668EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/17 2:2 p.m.10 views

EUVD-2026-37716

DroneAware is a drone detection platform. The centralized DroneAware server backing droneaware.io was vulnerable to an account pre-hijacking attack in which an attacker could register an account using a victim's email address with an attacker-controlled password before the victim completed accoun...

6.8CVSS5.4AI score0.00184EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/17 11:59 a.m.6 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

8.8CVSS5.6AI score0.00668EPSS
Exploits0References5
OSV
OSV
added 2026/06/17 12:3 a.m.4 views

RLSA-2026:26204 Important: postgresql:18 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite...

8.8CVSS5.5AI score0.00668EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/06/16 6:3 p.m.10 views

postgresql:16 security update

An update is available for module.pgvector, postgres-decoderbufs, module.postgres-decoderbufs, pgvector, postgresql, module.pgaudit, module.pgrepack, pgaudit, pgrepack, module.postgis, module.postgresql, postgis. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base...

8.8CVSS5.5AI score0.00668EPSS
Exploits0
NVD
NVD
added 2026/06/16 1:16 p.m.12 views

CVE-2026-9507

A session fixation vulnerability has been identified in osTicket v1.18.2. This security flaw allows an attacker to hijack a victim’s account by keeping the initial session identifier OSTSESSID active after a successful login. The issue lies in the fact that the application does not invalidate the...

5.1CVSS0.00403EPSS
Exploits0References1
Rows per page
Query Builder