Lucene search
+L

592 matches found

OSV
OSV
added 2025/08/05 4:31 p.m.7 views

CLSA-2025-1754411479 Fix CVE(s): CVE-2025-48384

SECURITY UPDATE: security vulnerability - debian/patches/CVE-2025-48384.patch: quote values containing CR character in config to prevent unintended stripping of CR - CVE-2025-48384...

8CVSS7.1AI score0.02775EPSS
Exploits9References1
OSV
OSV
added 2025/07/29 1:38 p.m.16 views

RLSA-2025:3082 Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS8.4AI score0.89914EPSS
Exploits10References2
OSV
OSV
added 2025/07/16 5:20 p.m.7 views

CLSA-2025-1752683103 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

8CVSS6.4AI score0.02775EPSS
Exploits9References1
OSV
OSV
added 2025/07/16 8:49 a.m.7 views

CLSA-2025-1752655315 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

8CVSS7AI score0.02775EPSS
Exploits9References1
OSV
OSV
added 2025/07/16 8:45 a.m.6 views

CLSA-2025-1752655539 git: Fix of CVE-2025-48384

CVE-2025-48384: config: quote values containing CR character...

8CVSS7AI score0.02775EPSS
Exploits9References1
OSV
OSV
added 2025/07/13 11:15 p.m.9 views

AZL-65124 CVE-2025-1735 affecting package php for versions less than 8.1.33-1

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

7.5CVSS7.4AI score0.00953EPSS
Exploits0References1
OSV
OSV
added 2025/07/10 5:40 a.m.6 views

BIT-GIT-2025-48384 Git allows arbitrary code execution through broken config quoting

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed CRLF. When writing a config entry, values with ...

8CVSS5.9AI score0.02775EPSS
Exploits9References6
SUSE CVE
SUSE CVE
added 2025/07/09 11:27 p.m.3 views

SUSE CVE-2025-1735

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

5.9CVSS8.3AI score0.00953EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2025/07/08 6:23 p.m.4 views

CVE-2025-48384 Git allows arbitrary code execution through broken config quoting

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed CRLF. When writing a config entry, values with ...

8CVSS6.4AI score0.02775EPSS
Exploits9References1
Cvelist
Cvelist
added 2025/07/08 6:23 p.m.25 views

CVE-2025-48384 Git allows arbitrary code execution through broken config quoting

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed CRLF. When writing a config entry, values with ...

8CVSS0.02775EPSS
Exploits9References1
Broadcom
Broadcom
added 2025/07/08 12:0 a.m.15 views

Multiple vulnerabilities detected in PostgreSQL

Multiple PostgreSQL vulnerability updates CVE-2025-1094-PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2024-10979-PostgreSQL PL/Perl environment variable changes execute arbitrary code CVE-2024-10978-PostgreSQL SET ROLE, SET SESSION AUTHORIZATI...

10CVSS8.4AI score0.89914EPSS
Exploits11
Oracle linux
Oracle linux
added 2025/06/18 12:0 a.m.10 views

postgresql security update

9.2.24-9.0.5 - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain - libpq functions Orabug: 37843176...

8.1CVSS7.3AI score0.89914EPSS
Exploits10
OSV
OSV
added 2025/05/30 8:50 p.m.7 views

CLSA-2025-1748638245 python3: Fix of CVE-2024-9287

CVE-2024-9287: fix path names quoting to prevent command injection in virtual environment activation scripts...

7.8CVSS6.8AI score0.00647EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/05/29 12:0 a.m.12 views

Amazon Linux 2 : postgresql (ALAS-2025-2866)

The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2866 advisory. Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, an...

8.1CVSS8.2AI score0.89914EPSS
Exploits10References4
Amazon
Amazon
added 2025/05/29 12:0 a.m.5 views

Important: postgresql

Issue Overview: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the...

8.1CVSS8AI score0.89914EPSS
Exploits10
RedhatCVE
RedhatCVE
added 2025/05/22 6:20 p.m.10 views

CVE-2021-2268

Vulnerability in the Oracle Quoting product of Oracle E-Business Suite component: Courseware. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Quoting. Successful attacks of th...

8.1CVSS6.9AI score0.00987EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.5 views

CVE-2020-11632

The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges...

7.8CVSS7.6AI score0.00318EPSS
Exploits0References1
OSV
OSV
added 2025/05/21 7:7 p.m.6 views

CLSA-2025-1747854434 Fix CVE(s): CVE-2024-9287

SECURITY UPDATE: Path names provided when creating a virtual environment were not quoted properly - debian/patches/CVE-2024-9287.patch: Quote template strings in venv activation - CVE-2024-9287...

7.8CVSS6.7AI score0.00647EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 7:11 p.m.10 views

RLSA-2025:1739 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS8.5AI score0.89914EPSS
Exploits10References2
OSV
OSV
added 2025/05/07 7:11 p.m.9 views

RLSA-2025:1740 Important: postgresql:16 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS8.5AI score0.89914EPSS
Exploits10References2
Rows per page
Query Builder