Lucene search
K

536 matches found

Vulnrichment
Vulnrichment
added 2024/02/02 12:0 a.m.19 views

CVE-2023-48793

Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature...

8.1AI score0.06951EPSS
Exploits0References2
CVE
CVE
added 2024/02/02 12:0 a.m.56 views

CVE-2023-48793

CVE-2023-48793 affects Zoho ManageEngine ADAudit Plus; versions through 7250 are susceptible to SQL injection in the aggregate report feature. The issue is supported by multiple sources (NVD/RH/CNNVD) with a CVSS v3.1 base score of 9.8 (CRITICAL). Remediation per the provided docs is to update to...

9.8CVSS9.8AI score0.06951EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/02/02 12:0 a.m.4 views

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability

ZOHO ManageEngine ADAudit Plus is used by ZOHO to simplify auditing, demonstrate compliance and detect threats. A SQL injection vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to Build 7271, which stems from a vulnerability in the aggregate report feature that is susceptible to SQL...

9.8CVSS7.9AI score0.06951EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/01 12:0 a.m.4 views

PT-2024-13653 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions through 7250 Description: The issue allows SQL Injection in the aggregate report feature. There is no information provided about the estimated number of potentially affected devices worldwide or details...

9.8CVSS8.2AI score0.06951EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.36 views

Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-004)

The version of postgresql installed on the remote host is prior to 14.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2024-004 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from...

8.8CVSS7.5AI score0.04322EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.25 views

Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2024-007)

The version of postgresql installed on the remote host is prior to 12.17-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL12-2024-007 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from...

8.8CVSS7.5AI score0.04322EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/01/08 12:0 a.m.74 views

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2024-464)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-464 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from the end of the unknown-type value to the next zero byte. One typically gets an...

8.8CVSS7.5AI score0.04322EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/12/20 9:45 a.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/20 9:43 a.m.2 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/20 9:41 a.m.4 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/13 3:36 p.m.2 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/13 3:36 p.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/13 8:6 a.m.1 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/13 8:6 a.m.2 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/11 9:59 a.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2023/12/11 8:0 a.m.2 views

Postgresql: memory disclosure in aggregate function calls

...

4.3CVSS7AI score0.02775EPSS
Exploits0
OSV
OSV
added 2023/12/10 6:15 p.m.0 views

ALPINE-CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.3AI score0.02775EPSS
Exploits0References1
OSV
OSV
added 2023/12/10 6:15 p.m.7 views

AZL-32106 CVE-2023-5868 affecting package postgresql for versions less than 14.10-1

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.1AI score0.02775EPSS
Exploits0References1
OSV
OSV
added 2023/12/10 6:15 p.m.24 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6AI score0.02775EPSS
Exploits0References27
OSV
OSV
added 2023/12/10 6:15 p.m.2 views

DEBIAN-CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.1AI score0.02775EPSS
Exploits0References1
Rows per page
Query Builder