11 matches found

RedhatCVE
added 2026/06/05 7:17 p.m. · 11 views

CVE-2026-6476

SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

7.2 CVSS · 6 AI score · 0.00287 EPSS
Exploits 0 · References 1
CNNVD
added 2026/05/29 12:0 a.m. · 7 views

FreePBX Security Vulnerability

FreePBX is a set of tools from the FreePBX project that allow configuration of Asterisk, an IP telephony system, through a GUI-based web interface. Versions of FreePBX prior to 17.0.8 contained a security vulnerability. This vulnerability stemmed from the OAuth2 implementation in the API module,...

8.1 CVSS · 5.8 AI score · 0.00201 EPSS
Exploits 0 · References 1
Packet Storm News
added 2026/05/14 12:0 a.m. · 16 views

Dolibarr ERP/CRM Authenticated Code Injection

Dolibarr ERP/CRM versions prior to 17.0.1 allow remote code execution by an authenticated user who has access to the Website module...

8.8 CVSS · 7.8 AI score · 0.79335 EPSS
Exploits 16
CBLMariner
added 2026/03/09 2:32 p.m. · 4 views

CVE-2025-47911 affecting package vitess for versions less than 17.0.7-14

CVE-2025-47911 affecting package vitess for versions less than 17.0.7-14. A patched version of the package is available...

5.3 CVSS · 5.8 AI score · 0.00502 EPSS
Exploits 0
Amazon
added 2025/06/02 12:0 a.m. · 6 views

Medium: postgresql17

Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...

5.9 CVSS · 6.8 AI score · 0.00612 EPSS
Exploits 0
CNNVD
added 2025/05/09 12:0 a.m. · 3 views

GitLab Enterprise Edition and GitLab Community Edition Security Vulnerability

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition and GitLab Community...

6.8 CVSS · 6.3 AI score · 0.0033 EPSS
Exploits 1 · References 2
Positive Technologies
added 2024/03/28 12:0 a.m. · 4 views

PT-2024-13070 · Apple · iOS +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.2; iPadOS versions prior to 17.2; iOS version 16.7.3; iPadOS version 16.7.3. Description: A remote attacker may be able to cause a denial-of-service. This issue was addressed with improved checks. Recommendations: For iOS...

7.5 CVSS · 6 AI score · 0.00805 EPSS
Exploits 0 · References 6
OSV
added 2023/09/05 7:15 a.m. · 3 views

AZL-28656 CVE-2023-41910 affecting package lldpd for versions less than 1.0.14-3

An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c...

9.8 CVSS · 7.2 AI score · 0.00954 EPSS
Exploits 0 · References 1
CNNVD
added 2022/12/29 12:0 a.m. · 5 views

Twitter-Post-Fetcher Security Vulnerability

Twitter-Post-Fetcher is a library by Jason Mayes, an individual developer. It is used to fetch your Twitter posts without using the new Twitter 1.1 API. A security vulnerability exists in Twitter-Post-Fetcher versions before 17.x. An attacker exploited the vulnerability to cause victims to use web links from...

6.1 CVSS · 5.3 AI score · 0.00518 EPSS
Exploits 0 · References 6
Positive Technologies
added 2022/05/24 12:0 a.m. · 4 views

PT-2022-10637 · Red Hat · Wildfly

Name of the Vulnerable Software and Affected Versions: Wildfly versions prior to 17.0. Description: A flaw was found in Wildfly, where an incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest...

7.8 CVSS · 5.9 AI score · 0.00299 EPSS
Exploits 0 · References 7
Positive Technologies
added 2013/04/03 12:0 a.m. · 1 views

PT-2013-2624 · Mozilla +1 · Firefox ESR +5

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 20.0; Firefox ESR versions prior to 17.0.5; Thunderbird versions prior to 17.0.5; Thunderbird ESR versions prior to 17.0.5; SeaMonkey versions prior to 2.17. Description: The issue allows local users to gain...

6.9 CVSS · 6.7 AI score · 0.00407 EPSS
Exploits 0 · References 6