9 matches found
CVE-2026-5618 kalcaddle kodbox shareMake/shareCheck server-side request forgery
A vulnerability was detected in kalcaddle kodbox up to 1.64. It affects an unknown function of the component shareMake/shareCheck. Manipulating the argument siteFrom/siteTo results in server-side request forgery. The attack can be carried out remotely. The complexity ...
K000149183: PostgreSQL vulnerabilities CVE-2014-0064, CVE-2014-0065, CVE-2014-0066, and CVE-2014-0067
Security Advisory Description CVE-2014-0064 Multiple integer overflows in the pathin and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and...
RHEL 6 : postgresql (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: Start scripts permit database administrator to modify root-owned files CVE-2017-15097 -...
Fedora 24 : subversion-1.9.4-1.fc24 (2016-20cc04ac50)
Update to 1.9.4 1331222 CVE-2016-2167 CVE-2016-2168 - Move tools in docs to tools subpackage rhbz 1171757 1199761 - Disable make check to work around FTBFS Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-431)
This update for java-1_7_0-openjdk fixes the following issues : java-1_7_0-openjdk was updated to 2.6.5 - OpenJDK 7u99 boo972468 - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX...
openSUSE Security Update : miniupnpc (openSUSE-SU-2014:0815-1)
miniupnpc was updated to 1.9 to fix a potential buffer overrun in miniwget.c CVE-2014-3985. Besides that the following issues were fixed : - added argument remoteHost to UPNPGetSpecificPortMappingEntry - increment APIVERSION to 10 - --help and -h arguments in upnpc.c - define MAXHOSTNAMELEN if no...
openSUSE Security Update : icedtea-web (openSUSE-SU-2012:0371-1)
update to 1.2 - New features : - Signed JNLP support - Support for client authentication certificates - Cache size enforcement now supported via itweb-settings - Applet parameter passing through JNLP files now supported - Better icons for access warning dialog - Security Dialog UI revamped to...
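PostgreSQL 'make check' Local Privilege Escalation Vulnerability
BUGTRAQ ID: 65721 CVECAN ID: CVE-2014-0067 PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard. In PostgreSQL versions before 9.3.3, 9.2.7, 9.1.12, 9.0.16 and 8.4.20, when regression tests are run inside the build tree via "make check", the server process allows users on the same machine to log in as superuser, and another local user can also obtain the privileges of the operating system user. 0 PostgreSQL PostgreSQL 8.x Vendor patch: PostgreSQL ----------...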
PostgreSQL -- multiple privilege issues
PostgreSQL Project reports: This update fixes CVE-2014-0060, in which PostgreSQL did not properly enforce the WITH ADMIN OPTION permission for ROLE management. Before this fix, any member of a ROLE was able to grant others access to the same ROLE regardless if the member was given the WITH ADMIN...