Lucene search
K

1025 matches found

UbuntuCve
UbuntuCve
added 2026/05/14 2:16 p.m.10 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6AI score0.0018EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/05/14 1:0 p.m.14 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6.1AI score0.0018EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/14 1:0 p.m.9 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

3.7CVSS6.1AI score0.0018EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/14 1:0 p.m.9 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6.1AI score0.0018EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.11 views

PT-2026-40927

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 16.0 through 16.13 PostgreSQL versions 17.0 through 17.9 PostgreSQL versions 18.0 through 18.3 Description SQL injection in logical replication occurs when using the 'ALTER SUBSCRIPTION ... REFRESH PUBLICATION' command. Thi...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References66
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-6638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the...

8.8CVSS6.2AI score0.0018EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.18 views

PT-2026-39719

Name of the Vulnerable Software and Affected Versions jq versions 1.8.1 and earlier Description jq accepts embedded NUL bytes in import paths at the jq-language level, but subsequently resolves those paths using C string operations during module and data-file lookup. This results in a mismatch...

7.3CVSS5.9AI score0.00158EPSS
Exploits5References38
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

7.5CVSS5.8AI score0.0027EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.12 views

Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017420 advisory. An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequence...

8.3CVSS7.1AI score0.12205EPSS
Exploits4References4
RedhatCVE
RedhatCVE
added 2026/05/06 8:1 p.m.11 views

CVE-2026-43172

A flaw was found in the Linux kernel's iwlwifi driver. This vulnerability occurs during SMEM parsing if the firmware reports an invalid number of Logical Media Access Controllers LMACs, which can lead to an array overrun. This issue could potentially result in system instability or a denial of...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:27 a.m.7 views

CVE-2026-43134

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...

5.8AI score0.00177EPSS
Exploits0References9Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/02 9:12 p.m.12 views

CVE-2026-43054

A flaw was found in the Linux kernel's SCSI target subsystem, specifically within the tcmloop module. This vulnerability arises when the tcmlooptargetreset function, responsible for handling target resets, fails to properly clear out commands that are still being processed. A local user or proces...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.9 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tcmlooptargetreset function failing to empty executing commands as required by the SCSI EH, which could...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/29 10:8 a.m.6 views

CVE-2026-35378

A flaw was found in the expr utility of uutils coreutils. A logic error in how the utility evaluates parenthesized subexpressions prevents proper short-circuiting for logical OR and AND operations. This can lead to arithmetic errors, such as division by zero, in parts of expressions that should b...

3.3CVSS5.2AI score0.00156EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:7 a.m.8 views

nfc: llcp: add missing return after LLCP_CLOSED checks

...

8.8CVSS5.8AI score0.00224EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/23 8:9 a.m.6 views

Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop

...

5.5CVSS5.2AI score0.00123EPSS
Exploits0
EUVD
EUVD
added 2026/04/22 6:31 p.m.10 views

EUVD-2026-25032

A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw prevents the utility from performing proper short-circuiting for logical OR | and AND & operation...

3.3CVSS5.9AI score0.00156EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34417

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth L2CAP component where the l2cap ecred data rcv function reads the SDU length field from skb-data using get unaligned le16 without verifying that the sock...

5.5CVSS5.5AI score0.00123EPSS
Exploits0
OSV
OSV
added 2026/04/15 12:49 a.m.9 views

CLEANSTART-2026-WA84208 Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery

Multiple security vulnerabilities affect the tempo package. Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery. See references for individual vulnerability details...

9.8CVSS7AI score0.01945EPSS
Exploits5References38
Packet Storm News
Packet Storm News
added 2026/04/14 12:0 a.m.7 views

LogicEval: A Systematic Framework for Evaluating Automated Repair Techniques for Logical Vulnerabilities in Real-World Software

Logical vulnerabilities in software stem from flaws in program logic rather than memory safety, which can lead to critical security failures. Although existing automated program repair techniques primarily focus on repairing memory corruption vulnerabilities, they struggle with logical...

5.9AI score
Exploits0
Rows per page
Query Builder