115 matches found

Nuclei
added yesterday, 123 views

Tenda AC1200 V-W15Ev2 - Authentication Bypass

The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform, or incorrectly performs, an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The...

CVSS 4.9 | AI score 6 | EPSS 0.28802
Exploits: 1 | References: 2

RedHat Linux
added 4 days ago, 4 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

CVSS 8.2 | AI score 6.6 | EPSS 0.00558
Exploits: 0 | References: 5

RedHat Linux
added 5 days ago, 7 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi...

CVSS 8.8 | AI score 7 | EPSS 0.00668
Exploits: 0 | References: 5

RedHat Linux
added 5 days ago, 6 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi...

CVSS 8.8 | AI score 5.9 | EPSS 0.00668
Exploits: 0 | References: 5

Rockylinux
added 2026/06/23 6:0 p.m., 5 views

postgresql:13 security update

An update is available for postgres-decoderbufs, module.postgres-decoderbufs, postgresql, module.pgaudit, module.pgrepack, pgaudit, pgrepack, module.postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.2 | AI score 5.9 | EPSS 0.00558
Exploits: 0

Rockylinux
added 2026/06/23 6:3 a.m., 6 views

postgresql:15 security update

An update is available for postgres-decoderbufs, module.postgres-decoderbufs, postgresql, module.pgaudit, module.pgrepack, pgaudit, pgrepack, module.postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.8 | AI score 5.9 | EPSS 0.00668
Exploits: 0

Tenable Nessus
added 2026/06/23 12:0 a.m., 4 views

RHEL 8 : postgresql:16 (RHSA-2026:28143)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28143 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL: Credential recovery vi...

CVSS 8.8 | AI score 6 | EPSS 0.00668
Exploits: 0 | References: 6

AlmaLinux
added 2026/06/23 12:0 a.m., 3 views

Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison (CVE-2026-6478) For more details about the security issues, including the impact, a CVSS score,...

CVSS 8.2 | AI score 5.9 | EPSS 0.00558
Exploits: 0 | References: 4

Tenable Nessus
added 2026/06/23 12:0 a.m., 6 views

RHEL 8 : postgresql:13 (RHSA-2026:28208)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28208 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL: Credential recovery via covert...

CVSS 8.2 | AI score 6.7 | EPSS 0.00558
Exploits: 0 | References: 4

RedHat Linux
added 2026/06/22 6:34 a.m., 14 views

Important: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...

CVSS 8.8 | AI score 5.9 | EPSS 0.00668
Exploits: 0 | References: 5

OSV
added 2026/06/22 12:0 a.m., 4 views

ALSA-2026:27741 Important: postgresql security update

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind (CVE-2026-6475) postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite...

CVSS 8.8 | AI score 5.9 | EPSS 0.00668
Exploits: 0 | References: 10

RedHat Linux
added 2026/06/17 8:59 a.m., 7 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

CVSS 8.2 | AI score 5.4 | EPSS 0.00558
Exploits: 0 | References: 5

CVE
added 2026/06/09 1:2 p.m., 30 views

CVE-2026-11789

Affected software: 389 Directory Server (389-ds-base). Vulnerable component: SMD5 password storage plugin. Root cause: unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read and LDAP server crash during authenticatio...

CVSS 6.5 | AI score 5.7 | EPSS 0.00282
Exploits: 0 | References: 2 | Affected Software: 3

Tenable Nessus
added 2026/05/28 12:0 a.m., 11 views

Amazon Linux 2023 : libpq, libpq-devel (ALAS2023-2026-1711)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1711 advisory. Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export, lo_read, lo_lseek64, and lo_tell64 functions allows the server superuser to overwrite a client stack...

CVSS 8.8 | AI score 6 | EPSS 0.00558
Exploits: 0 | References: 6

OSV
added 2026/05/21 8:39 p.m., 6 views

USN-8294-1 postgresql-14, postgresql-16, postgresql-17, postgresql-18 vulnerabilities

It was discovered that PostgreSQL did not correctly enforce authorization for CREATE TYPE. An attacker could possibly use this issue to execute arbitrary SQL functions. (CVE-2026-6472) It was discovered that PostgreSQL incorrectly handled large user input in multiple server features. An attacker...

CVSS 8.8 | AI score 6.3 | EPSS 0.00668
Exploits: 0 | References: 12

Debian CVE
added 2026/05/14 1:0 p.m., 7 views

CVE-2026-6478

Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 passwords, the default in all supported releases. However, current databases may have MD5-hashed...

CVSS 8.2 | AI score 5.8 | EPSS 0.00558
Exploits: 0

AlpineLinux
added 2026/05/14 1:0 p.m., 10 views

CVE-2026-6478

Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 passwords, the default in all supported releases. However, current databases may have MD5-hashed...

CVSS 8.2 | AI score 5.8 | EPSS 0.00558
Exploits: 0

OSV
added 2026/01/23 9:15 p.m., 4 views

CVE-2025-52026

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 ...

CVSS 7.5 | AI score 5.9 | EPSS 0.00275
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2015-1003

Malware in sbrugna...

CVSS 5 | AI score 6.2 | EPSS 0.01116
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2008-1883

Malware in sbrugna...

CVSS 6.8 | AI score 6.4 | EPSS 0.01264
Exploits: 1 | References: 6