Lucene search
K

536 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:24 p.m.2 views

Malicious code in Be.Vlaаnderen.Basisregіsters.AggregateSource (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:24 p.m.6 views

Malicious code in Be.Vlaаnderen.Basіsregisters.AggregatеSource.Testiոg.NUnit (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:24 p.m.3 views

Malicious code in Be.Vlaаndereո.Basisregіsters.AggregateSourcе (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:23 p.m.4 views

Malicious code in Bе.Vlaaոderen.Basisregisters.AggregateSource.Testing.SqlStreamStore (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/05/20 6:15 p.m.5 views

CVE-2023-49331

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option...

8.8CVSS5.8AI score0.03005EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/20 5:35 p.m.18 views

CVE-2023-49331

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option...

8.3CVSS7.9AI score0.03005EPSS
Exploits0References1
CVE
CVE
added 2024/05/20 5:35 p.m.70 views

CVE-2023-49331

CVE-2023-49331 concerns Zoho ManageEngine ADAudit Plus, with versions below 7271 affected by SQL injection in the aggregate reports search option. The vulnerability description across sources consistently states that the issue allows injection through user-controllable input in the aggregate repo...

8.8CVSS7.8AI score0.03005EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/05/20 1:15 p.m.2 views

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data...

8.8CVSS5.8AI score0.02288EPSS
Exploits0References1
NVD
NVD
added 2024/05/20 1:15 p.m.22 views

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data...

8.8CVSS8.8AI score0.02288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/20 12:19 p.m.20 views

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data...

8.3CVSS8.2AI score0.02288EPSS
Exploits0References1
CVE
CVE
added 2024/05/20 12:19 p.m.61 views

CVE-2023-49330

CVE-2023-49330 concerns Zoho ManageEngine ADAudit Plus. Affected versions are those below build 7271, where the issue enables SQL injection when fetching aggregated report data. The root cause is unsafely handling aggregate-report data that allows injection, leading to potential data disclosure o...

8.8CVSS8.1AI score0.02288EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/20 12:19 p.m.24 views

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data...

8.3CVSS8.8AI score0.02288EPSS
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2024/03/18 12:0 a.m.33 views

USN-6538-1: PostgreSQL vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information...

8.8CVSS8.1AI score0.04322EPSS
Exploits0Affected Software2
RedHat Linux
RedHat Linux
added 2024/03/12 3:4 p.m.4 views

kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead

An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.8AI score0.00274EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/03/12 12:0 a.m.53 views

EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2024-1289)

According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain...

8.8CVSS7.3AI score0.04322EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:2 a.m.29 views

BIT-POSTGRESQL-2023-5868 Postgresql: memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.6AI score0.02775EPSS
Exploits0References28
RedHat Linux
RedHat Linux
added 2024/02/26 8:53 p.m.4 views

kernel: use-after-free in sch_qfq network scheduler

A use-after-free flaw was found in qfqdequeue and aggdequeue in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This issue may allow a local user to crash the system or escalate their privileges on the system...

7.8CVSS7.2AI score0.00396EPSS
Exploits1References5
OSV
OSV
added 2024/02/13 11:13 a.m.4 views

CLSA-2024-1707822783 Fix CVE(s): CVE-2023-5868, CVE-2023-5870

SECURITY UPDATE: Memory disclosure in aggregate function calls - debian/patches/CVE-2023-5868.patch: Compute aggregate argument types correctly in transformAggregateCall. - CVE-2023-5868 SECURITY UPDATE: Role "pgsignalbackend" can signal certain superuser processes -...

4.4CVSS6.7AI score0.02775EPSS
Exploits0References1
OSV
OSV
added 2024/02/02 2:15 a.m.3 views

CVE-2023-48793

Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature...

9.8CVSS5.9AI score0.06951EPSS
Exploits0References2
NVD
NVD
added 2024/02/02 2:15 a.m.37 views

CVE-2023-48793

Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature...

9.8CVSS10AI score0.06951EPSS
Exploits0References2
Rows per page
Query Builder