Lucene search
K

9 matches found

OSV
OSV
added 2026/05/22 4:0 p.m.8 views

CLSA-2026-1779465604 postgresql: Fix of CVE-2026-6473

CVE-2026-6473: tsearch: bound StartSel/StopSel/FragmentDelimiter length to PGINT16MAX in tsheadline - CVE-2026-6473: contrib/ltree: guard lquery parsing against numvar and totallen wraparound - CVE-2026-6473: regex: add overflow-checked MALLOCARRAY/REALLOCARRAY and bound NFA state/color products...

8.8CVSS5.8AI score0.00668EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-1050

Malware in sbrugna...

7.5CVSS6.4AI score0.01946EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/10/09 12:0 a.m.7 views

PT-2023-20327 · Unknown · Reportportal

Name of the Vulnerable Software and Affected Versions: ReportPortal versions prior to 5.10.0 Description: The ReportPortal database becomes unstable and reporting almost fully stops when the test item.path field exceeds the allowable ltree field type indexing limit, which occurs when the path...

6.5CVSS6.3AI score0.00511EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/10/09 12:0 a.m.3 views

ReportPortal Security Vulnerabilities

ReportPortal is an open source, service-oriented, web-based platform from ReportPortal Open Source. A security vulnerability exists in ReportPortal versions prior to 5.10.0 that stems from the ReportPortal database becoming unstable when the testitem.path field exceeds the allowed indexing limit...

6.5CVSS6.7AI score0.00511EPSS
Exploits0References4
Veracode
Veracode
added 2017/09/07 5:54 a.m.11 views

Cross-site Scripting (XSS)

pomm/pomm is susceptible to cross-site scripting XSS attacks. The attacks are possible because it does not escape the string in LTree converter fromPg function in Pomm/Converter/PgLTree.php...

5.7AI score
Exploits0
Veracode
Veracode
added 2017/07/25 7:44 p.m.13 views

SQL Injection

Pomm is vulnerable to SQL injections. The library does not escape user supplied strings in the LTree converter, allowing a malicious user to inject and execute arbitrary SQL queries...

7.5CVSS7.3AI score0.01946EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2015/01/13 3:59 p.m.16 views

Sql injection

SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.01946EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2015/01/13 3:0 p.m.43 views

CVE-2014-100019

The vulnerability is in the Pomm library’s LTree converter, where SQL injection is possible in versions before 1.1.5. An attacker could remotely execute arbitrary SQL commands due to lack of escaping for user-supplied strings. Impact and affected components are described in multiple sources (e.g....

7.5CVSS8.6AI score0.01946EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/01/13 3:0 p.m.18 views

CVE-2014-100019

SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.4AI score0.01946EPSS
Exploits0References5
Rows per page
Query Builder