Lucene search
K

538 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/20 9:45 a.m.5 views

CVE-2026-6626

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/20 9:45 a.m.36 views

CVE-2026-6626 Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS0.00232EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.8 views

PT-2026-33749

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

Cockpit 安全漏洞

Cockpit is an interactive server management interface developed by Cockpit OpenSource. Versions of Cockpit prior to 2.13.5 contained security vulnerabilities, which were caused by improper neutralization of special elements in the data query logic handled by the Asset Handler/Aggregate Handler...

6.5CVSS6.6AI score0.00232EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: sqlite (UTSA-2026-007210)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007210 advisory. There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a...

7.7CVSS6.7AI score0.73495EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006745)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006745 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix NULL deref when deactivating inactive aggregate in qfqreset...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References4
NVD
NVD
added 2026/04/06 10:16 p.m.11 views

CVE-2026-35442

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, aggregate functions min, max applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any authenticated...

8.1CVSS0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/06 9:36 p.m.2 views

CVE-2026-35442 Directus: Authenticated Users Can Extract Concealed Fields via Aggregate Queries

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, aggregate functions min, max applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any authenticated...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References1
CVE
CVE
added 2026/04/06 9:36 p.m.17 views

CVE-2026-35442

CVE-2026-35442 affects Directus prior to 11.17.0, where aggregate functions (min/max) on fields with the concealed type can return raw database values instead of masked placeholders. When used with groupBy, any authenticated user with read access to the affected collection can extract concealed v...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:36 p.m.5 views

CVE-2026-35442

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, aggregate functions min, max applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any authenticated...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/04 6:13 a.m.9 views

Directus: Authenticated Users Can Extract Concealed Fields via Aggregate Queries

Summary Aggregate functions min, max applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any authenticated user with read access to the affected collection can extract concealed field values, includi...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/04/04 6:13 a.m.5 views

GHSA-38HG-WW64-RRWC Directus: Authenticated Users Can Extract Concealed Fields via Aggregate Queries

Summary Aggregate functions min, max applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any authenticated user with read access to the affected collection can extract concealed field values, includi...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/04 6:13 a.m.4 views

Incorrect Authorization

Overview directus is a Directus is a real-time API and App dashboard for managing SQL database content. Affected versions of this package are vulnerable to Incorrect Authorization in the aggregate query process when applying min or max functions to fields marked as concealed. An attacker can...

8.6CVSS5.9AI score0.00337EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.8 views

PT-2026-30332

Name of the Vulnerable Software and Affected Versions Directus affected versions not specified Description Aggregate functions min, max applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy, any...

8.1CVSS5.9AI score0.00337EPSS
Exploits0References5
OSV
OSV
added 2026/04/03 1:27 p.m.4 views

JLSEC-2026-43

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.6AI score0.02775EPSS
Exploits0References52
RedHat Linux
RedHat Linux
added 2026/04/02 10:59 a.m.4 views

mariadb: MariaDB Server Crash Due to Empty Backtrace Log

A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...

4.9CVSS6.6AI score0.00432EPSS
Exploits0References5
OSV
OSV
added 2026/03/27 2:7 p.m.4 views

OESA-2026-1769 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

7.7CVSS6.7AI score0.73495EPSS
Exploits4References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.3 views

CVE-2026-31891

Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a a SQL Injection vulnerability in the MongoLite Aggregation Optimizer. Any deployment where the /api/content/aggregate/model endpoint is...

7.7CVSS5.9AI score0.00397EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/24 7:12 p.m.2 views

EUVD-2026-14976

Parse Server has SQL Injection through aggregate and distinct field names in PostgreSQL adapter...

8.6CVSS5.9AI score0.00452EPSS
Exploits0References5
OSV
OSV
added 2026/03/24 7:12 p.m.5 views

GHSA-P2W6-RMH7-W8Q3 Parse Server has SQL Injection through aggregate and distinct field names in PostgreSQL adapter

Impact An attacker with master key access can execute arbitrary SQL statements on the PostgreSQL database by injecting SQL metacharacters into field name parameters of the aggregate $group pipeline stage or the distinct operation. This allows privilege escalation from Parse Server application-lev...

8.6CVSS6.1AI score0.00452EPSS
Exploits0References7
Rows per page
Query Builder