Lucene search
+L

592 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.10 views

PHP 8.5.x < 8.5.1 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.2.x prior to 8.2.30, 8.3.x prior to 8.3.29, 8.4.x prior to 8.4.16, or 8.5.x prior to 8.5.1. It is, therefore, affected by multiple vulnerabilities: - Information leak of memory in getimagesize...

8.2CVSS7.6AI score0.00573EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.3 views

PHP 8.2.x < 8.2.30 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.2.x prior to 8.2.30, 8.3.x prior to 8.3.29, 8.4.x prior to 8.4.16, or 8.5.x prior to 8.5.1. It is, therefore, affected by multiple vulnerabilities: - Information leak of memory in getimagesize...

8.2CVSS7.6AI score0.00573EPSS
Exploits4References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.5 views

PT-2026-25849

Name of the Vulnerable Software and Affected Versions Glances versions prior to 4.5.3 Description Glances, a system cross-platform monitoring tool, contains a SQL injection issue in the DuckDB export module. The TimescaleDB export module was previously fixed for SQL injection by using parameteriz...

9.1CVSS5.8AI score0.00325EPSS
Exploits1References24
Microsoft CVE
Microsoft CVE
added 2025/12/29 9:1 a.m.11 views

NULL Pointer Dereference in PDO quoting

...

8.2CVSS6.7AI score0.00573EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2025/12/27 7:21 p.m.3 views

CVE-2025-14180 NULL Pointer Dereference in PDO quoting

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS6AI score0.00573EPSS
Exploits2References1
AlpineLinux
AlpineLinux
added 2025/12/27 7:21 p.m.4 views

CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS6.5AI score0.00573EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/12/27 7:43 a.m.5 views

CVE-2025-59888

Improper quotation in search paths in the Eaton UPS Companion software installer could lead to arbitrary code execution of an attacker with the access to the file system. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center...

6.7CVSS7.5AI score0.00192EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2025/12/18 9:4 a.m.12 views

python39:3.9 security update

An update is available for module.modwsgi, module.python-psutil, python-packaging, module.Cython, module.python3x-setuptools, module.python-iniconfig, module.python-wcwidth, module.python-ply, module.python39, python-psycopg2, python-psutil, python-chardet, module.python-pluggy, python-lxml,...

9.4CVSS7.2AI score0.01499EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.9 views

RockyLinux 8 : python39:3.9 (RLSA-2025:23530)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23530 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 python: Virtual environment venv activation scripts don'...

9.4CVSS6.8AI score0.01499EPSS
Exploits14References25
AlmaLinux
AlmaLinux
added 2025/12/17 12:0 a.m.11 views

Important: python39:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

9.4CVSS7AI score0.01499EPSS
Exploits14References26
OSV
OSV
added 2025/12/12 4:22 p.m.6 views

CLSA-2025-1764858353 postgresql: Fix of CVE-2025-1094

CVE-2025-1094: fix potential SQL injections allowed by an improper encoding validation in data quoting functions...

8.1CVSS7.5AI score0.89914EPSS
Exploits10References1
Cvelist
Cvelist
added 2025/12/11 6:34 a.m.36 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS0.00311EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/11 6:34 a.m.7 views

EUVD-2025-202665

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS6.4AI score0.00311EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/11 6:34 a.m.6 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS6.5AI score0.00311EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2025/11/19 12:0 a.m.10 views

postgresql security update

9.2.24-9.0.7 - Restrict psql meta-commands in plain-text dumps Orabug: 38442031CVE-2025-8714 9.2.24-9.0.5 - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain - libpq functions Orabug: 37843176...

8.8CVSS7AI score0.89914EPSS
Exploits11
OSV
OSV
added 2025/10/24 4:26 p.m.6 views

CLSA-2025-1761323193 libpq: Fix of CVE-2025-1094

CVE-2025-1094: fix potential SQL injections allowed by an improper encoding validation in data quoting functions...

8.1CVSS7.5AI score0.89914EPSS
Exploits10References1
RedhatCVE
RedhatCVE
added 2025/10/22 5:18 p.m.5 views

CVE-2025-62605

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0-beta.2. Mastodon...

4.3CVSS6.7AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 1:18 p.m.3 views

SUSE-SU-2025:20858-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - CVE-2025-55159: slab: incorrect bounds check in getdisjointmut function can lead to undefined behavior or potential crash due to out-of-bounds access bsc1248006 - CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in...

9.8CVSS5.8AI score0.0078EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2021-16727

Malware in sbrugna...

8.1CVSS6.9AI score0.00987EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-2564

Malware in sbrugna...

6.8CVSS6.1AI score0.02879EPSS
Exploits1References7
Rows per page
Query Builder