145 matches found

RedhatCVE
added 2026/06/25 11:43 p.m. | 4 views

CVE-2026-47770

A flaw was found in jq, a command-line JSON processor. This vulnerability allows a local user or an attacker providing malicious input to cause a denial of service (DoS) by comparing two sufficiently deeply nested arrays using the '==' operator. This action exhausts the C stack due to uncontrolled...

CVSS 6.8 | AI score 5.7 | EPSS 0.00111
Exploits: 1 | References: 4

AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in libseccomp

In versions of libseccomp before 2.4.0, 64-bit syscall argument comparisons using arithmetic operators (LT, GT, LE, GE) were not generated correctly. This issue could potentially allow bypassing seccomp filters and lead to potential privilege escalations...

CVSS 9.8 | AI score 6.8 | EPSS 0.03041
Exploits: 0 | References: 1

OSV
added 2026/06/16 11:06 p.m. | 2 views

OPENSUSE-SU-2026:20970-1 Security update for postgresql17

This update for postgresql17 fixes the following issues. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard against malicious time zone...

CVSS 8.8 | AI score 6.2 | EPSS 0.00668
Exploits: 0 | References: 22

SUSE Linux
added 2026/05/29 3:30 p.m. | 14 views

Security update for postgresql14

This update for postgresql14 fixes the following issues. Update to version 14.23. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard against...

CVSS 8.8 | AI score 6.1 | EPSS 0.00668
Exploits: 0 | References: 36

SUSE Linux
added 2026/05/27 7:56 a.m. | 14 views

Security update for postgresql14

This update for postgresql14 fixes the following issues. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard against malicious time zone names...

CVSS 8.8 | AI score 6 | EPSS 0.00668
Exploits: 0 | References: 36

OSV
added 2026/05/27 7:56 a.m. | 8 views

SUSE-SU-2026:2085-1 Security update for postgresql15

This update for postgresql15 fixes the following issues. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard against malicious time zone...

CVSS 8.8 | AI score 6.1 | EPSS 0.00668
Exploits: 0 | References: 18

SUSE Linux
added 2026/05/19 8:20 a.m. | 19 views

Security update for postgresql15

This update for postgresql15 fixes the following issues. Update to version 15.18. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard against...

CVSS 8.8 | AI score 6.1 | EPSS 0.00668
Exploits: 0 | References: 36

OSV
added 2026/05/19 8:19 a.m. | 8 views

SUSE-SU-2026:1999-1 Security update for postgresql15

This update for postgresql15 fixes the following issues. Update to version 15.18. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard again...

CVSS 8.8 | AI score 6.1 | EPSS 0.00668
Exploits: 0 | References: 18

Tenable Nessus
added 2026/05/19 12:00 a.m. | 11 views

SUSE SLES12 Security Update : postgresql18 (SUSE-SU-2026:1946-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1946-1 advisory. This update for postgresql18 fixes the following issues. Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE...

CVSS 8.8 | AI score 6.1 | EPSS 0.00668
Exploits: 0 | References: 35

SUSE Linux
added 2026/05/18 7:49 a.m. | 10 views

Security update for postgresql18

This update for postgresql18 fixes the following issues. Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard against...

CVSS 8.8 | AI score 6.1 | EPSS 0.00668
Exploits: 0 | References: 48

OSV
added 2026/05/18 7:48 a.m. | 6 views

SUSE-SU-2026:1946-1 Security update for postgresql18

This update for postgresql18 fixes the following issues. Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard agains...

CVSS 8.8 | AI score 6.1 | EPSS 0.00668
Exploits: 0 | References: 24

OSV
added 2026/05/18 7:46 a.m. | 7 views

SUSE-SU-2026:1943-1 Security update for postgresql17

This update for postgresql17 fixes the following issues. Update to version 17.10. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc1265172). CVE-2026-6473: integer overflows in memory-allocation calculations (bsc1265173). CVE-2026-6474: Guard again...

CVSS 8.8 | AI score 6.1 | EPSS 0.00668
Exploits: 0 | References: 23

CNNVD
added 2026/05/12 12:00 a.m. | 8 views

wger security vulnerability

WGER is an open-source project developed by the WGER Team, built using Django for hosting self-hosted FLOSS fitness/exercise, nutrition, and weight tracking applications. Versions of WGER prior to 2.6 contained security vulnerabilities. These vulnerabilities stemmed from the use of Python object...

CVSS 9.9 | AI score 5.8 | EPSS 0.00371
Exploits: 0 | References: 1

Snyk
added 2026/05/08 8:17 p.m. | 9 views

Improper Handling of Insufficient Permissions or Privileges

Overview: wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via revision comparisons. An attacker can gain unauthorized access to sensitive information by supplying th...

CVSS 7.1 | AI score 5.8 | EPSS 0.00204
Exploits: 0 | References: 2

Snyk
added 2026/05/08 9:25 a.m. | 9 views

Always-Incorrect Control Flow Implementation

Overview: Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation in the EqualsUri function. An attacker can cause incorrect URI comparisons by supplying specially crafted input values. Remediation: Upgrade uriparser to version 1.0.2 or higher. References: -...

CVSS 5.3 | AI score 5.3 | EPSS 0.00211
Exploits: 0 | References: 2

NVD
added 2026/04/28 7:37 p.m. | 8 views

CVE-2026-41407

OpenClaw before 2026.4.2 contains a timing side channel vulnerability in shared-secret comparison call sites that use early length-mismatch checks instead of fixed-length comparison helpers. Attackers can measure timing differences to leak secret-length information, weakening constant-time handli...

CVSS 6.3 | EPSS 0.00225
Exploits: 0 | References: 3

Positive Technologies
added 2026/04/28 12:00 a.m. | 6 views

PT-2026-35790

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.4.2. Description: A timing side channel occurs in shared-secret comparison call sites that utilize early length-mismatch checks rather than fixed-length comparison helpers. This allows attackers to measure timing...

CVSS 6.3 | AI score 5.8 | EPSS 0.00225
Exploits: 0 | References: 7

Positive Technologies
added 2026/04/27 12:00 a.m. | 9 views

PT-2026-35358

Name of the Vulnerable Software and Affected Versions: uriparser versions prior to 1.0.1. Description: Numeric truncation occurs during text range comparison when an application accepts URIs with a length in gigabytes. This issue is characterized as an integer overflow, which happens when a numeric...

CVSS 9.8 | AI score 5.8 | EPSS 0.00298
Exploits: 0 | References: 41

CNNVD
added 2026/04/24 12:00 a.m. | 10 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of incorrect private data in the rxrpc_post_response function when comparing cached response...

CVSS 7.5 | AI score 5.8 | EPSS 0.00426
Exploits: 0 | References: 1

Tenable Nessus
added 2026/04/21 12:00 a.m. | 5 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007029)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007029 advisory. In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare. Observed on kernel 6.6 present on master as...

CVSS 7.1 | AI score 5.6 | EPSS 0.00152
Exploits: 0 | References: 4