Lucene search
+L

483 matches found

IBM Security Bulletins
IBM Security Bulletins
added 3 days ago5 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in DataView

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in DataView. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA...

9.9CVSS6.7AI score0.00691EPSS
Exploits0Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in node-fsagent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3a0392a3ddea9b6099e8501fdb827f586a410323cecea214aa50fc1be42183b The package tarball ships archive-sender.js, which archives the host path /root/.codex, splits the tar into 200MB chunks, reconstructs an npm registr...

6.1AI score
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/07/01 6:20 p.m.6 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 6:20 p.m.5 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 1:11 p.m.7 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS6.6AI score0.00558EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 9:47 a.m.5 views

Security Bulletin: Multiple Vulnerabilities in IBM DataStax Enterprise

Summary Multiple vulnerabilities were addressed in IBM DataStax Enterprise 6.9.23 Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is...

9.9CVSS7.3AI score0.01339EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 8:48 a.m.4 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Bouncy Castle (CVE-2026-0636,CVE-2026-5598,CVE-2026-5588&CVE-2026-3505)

Summary IBM App Connect Enterprise Toolkit and Runtime are vulnerable to multiple vulnerabilities due to Bouncy Castle. Vulnerability Details CVEID:CVE-2026-0636 DESCRIPTION: Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy...

9.9CVSS5.8AI score0.00758EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.8 views

RHEL 8 : postgresql:13 (RHSA-2026:32994)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:32994 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system accou...

8.8CVSS7AI score0.00668EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/06/25 3:13 p.m.9 views

Important: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/24 1:59 p.m.5 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.9AI score0.00558EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/06/24 12:5 p.m.14 views

postgresql18 security update

An update is available for postgresql18. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced Object-Relational database management system...

8.8CVSS6AI score0.00668EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/06/24 12:5 p.m.10 views

postgresql16 security update

An update is available for postgresql16. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced Object-Relational database management system...

8.8CVSS6AI score0.00668EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

RHEL 8 : postgresql:12 (RHSA-2026:28999)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28999 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery vi...

8.8CVSS6AI score0.00668EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

RockyLinux 10 : postgresql16 (RLSA-2026:27743)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27743 advisory. postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq:...

8.8CVSS7AI score0.00668EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

RockyLinux 8 : libpq (RLSA-2026:27738)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27738 advisory. postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq:...

8.8CVSS7AI score0.00668EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

AlmaLinux 8 : postgresql:13 (ALSA-2026:28208)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:28208 advisory. postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 Tenable has extracted the preceding description blo...

8.2CVSS6.7AI score0.00558EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.12 views

AlmaLinux 8 : postgresql:16 (ALSA-2026:28143)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28143 advisory. postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can cause an...

8.8CVSS6AI score0.00668EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 7:54 p.m.10 views

Security Bulletin: IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82.

Summary IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82 Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This...

9.9CVSS5.8AI score0.00691EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/23 6:0 p.m.19 views

RLSA-2026:28208 Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 For more details about the security issues, including the impact, a CVSS score,...

8.2CVSS5.9AI score0.00558EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 5:6 p.m.37 views

CVE-2026-54316 Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

6CVSS0.00403EPSS
Exploits0References1
Rows per page
Query Builder