536 matches found
CVE-2023-48793
Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature...
CVE-2023-48793
CVE-2023-48793 affects Zoho ManageEngine ADAudit Plus; versions through 7250 are susceptible to SQL injection in the aggregate report feature. The issue is supported by multiple sources (NVD/RH/CNNVD) with a CVSS v3.1 base score of 9.8 (CRITICAL). Remediation per the provided docs is to update to...
ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability
ZOHO ManageEngine ADAudit Plus is used by ZOHO to simplify auditing, demonstrate compliance and detect threats. A SQL injection vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to Build 7271, which stems from a vulnerability in the aggregate report feature that is susceptible to SQL...
PT-2024-13653 · Zoho · Zoho Manageengine Adaudit Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions through 7250 Description: The issue allows SQL Injection in the aggregate report feature. There is no information provided about the estimated number of potentially affected devices worldwide or details...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-004)
The version of postgresql installed on the remote host is prior to 14.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2024-004 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2024-007)
The version of postgresql installed on the remote host is prior to 12.17-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL12-2024-007 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from...
Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2024-464)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-464 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from the end of the unknown-type value to the next zero byte. One typically gets an...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
Postgresql: memory disclosure in aggregate function calls
...
ALPINE-CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
AZL-32106 CVE-2023-5868 affecting package postgresql for versions less than 14.10-1
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
DEBIAN-CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...