Lucene search
K

7 matches found

UbuntuCve
UbuntuCve
added 2025/11/13 12:0 a.m.5 views

CVE-2025-12818

Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions...

5.9CVSS6.5AI score0.00307EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/08/14 1:15 p.m.3 views

CVE-2025-8714

Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also affected. pgrestore is affected...

8.8CVSS7.4AI score0.00709EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2025/08/14 1:15 p.m.5 views

CVE-2025-8715

Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8CVSS7.5AI score0.00385EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/05/08 3:15 p.m.8 views

CVE-2025-4207

Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13,...

5.9CVSS6.8AI score0.00612EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/11/14 1:15 p.m.8 views

CVE-2024-10978

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...

4.2CVSS6.8AI score0.00705EPSS
Exploits0References4
OSV
OSV
added 2018/03/29 10:29 p.m.2 views

CVE-2017-16512

The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...

7.8CVSS5.8AI score0.00309EPSS
Exploits1References1
OSV
OSV
added 2017/02/01 7:59 p.m.3 views

CVE-2016-9225

A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance ASA CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service DoS condition. The...

8.6CVSS5.8AI score0.02662EPSS
Exploits0References3
Rows per page
Query Builder