Lucene search
+L

316 matches found

cnnvd
cnnvd
added 2026/01/30 12:0 a.m.8 views

IBM Db2 security vulnerabilities

IBM Db2 is a relational database management system developed by IBM. The system can run on various operating systems such as UNIX, Linux, IBMi, z/OS, and Windows server versions. Versions 11.5.0 to 11.5.9, as well as 12.1.0 to 12.1.3 of IBM Db2, have security vulnerabilities. These vulnerabilitie...

7.5CVSS6AI score0.00261EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2026/01/08 9:46 p.m.11 views

aws-sg-cleanup (>=0.1.0 <=0.1.3), query-rds-data (>=2.0.0 <=2.0.1) potentially affected by unknown CVE via aws-sdk-rds (=0.15.0)

aws-sdk-rds CARGO version =0.15.0 is affected by a known vulnerability. The following packages have a transitive dependency on aws-sdk-rds and may be impacted: - aws-sg-cleanup =0.1.0, =2.0.0, =2.0.1 Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...

5.8AI score
Exploits0
fedora
fedora
added 2025/12/25 12:53 a.m.12 views

[SECURITY] Fedora 43 Update: roundcubemail-1.6.12-1.fc43

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

7.5CVSS7AI score0.19769EPSS
Exploits1
cnvd
cnvd
added 2025/12/03 12:0 a.m.3 views

Apache Kvrocks Information Disclosure Vulnerability

Apache Kvrocks is a distributed key-value NoSQL database from the Apache USA Foundation. Apache Kvrocks suffers from an information disclosure vulnerability that stems from the MONITOR command disclosing plaintext credentials. An attacker could exploit this vulnerability to obtain sensitive...

5.3CVSS6.4AI score0.00257EPSS
Exploits0References1
osv
osv
added 2025/11/13 10:22 p.m.7 views

GHSA-7WQ2-32H4-9HC9 AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance

Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...

8CVSS5.8AI score0.00438EPSS
Exploits0References4
github
github
added 2025/11/13 10:22 p.m.13 views

Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance

Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...

6.9AI score
Exploits0References4Affected Software1
redhatcve
redhatcve
added 2025/11/13 7:8 p.m.15 views

CVE-2025-12967

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS users. We recommend customers...

8.6CVSS6.9AI score0.00438EPSS
Exploits0References1
euvd
euvd
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-177851

Malicious code in meteor-paleoecology-mysql-middleware npm...

6.6AI score
Exploits0
cnvd
cnvd
added 2025/11/12 12:0 a.m.4 views

IBM Db2 Denial of Service Vulnerability (CNVD-2025-29174)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

7.5CVSS6.7AI score0.00281EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/11/10 6:9 p.m.3 views

CVE-2025-12967

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS users. We recommend customers...

8.6CVSS6.5AI score0.00438EPSS
Exploits0References11
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-0742

Malware in sbrugna...

5CVSS6.1AI score0.02734EPSS
Exploits0References9
fedora
fedora
added 2025/10/04 12:17 a.m.7 views

[SECURITY] Fedora 43 Update: firebird-4.0.6.3221-1.fc43

Firebird is a relational database offering many ANSI SQL standard features that runs on Linux, Windows, and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. It has been used in production system...

8.8CVSS7.4AI score0.00547EPSS
Exploits1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24651

Malicious code in bioql PyPI...

6.9CVSS7.4AI score0.00565EPSS
Exploits0References6
pypa
pypa
added 2025/10/01 7:15 p.m.14 views

PYSEC-2025-106

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...

9.8CVSS7.2AI score0.00583EPSS
Exploits0References5Affected Software1
nessus
nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-14632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.20 and prior. Easily...

4.9CVSS5.6AI score0.0223EPSS
Exploits0References2
rocky
rocky
added 2025/07/29 1:38 p.m.6 views

postgresql:12 security update

An update is available for postgres-decoderbufs, postgresql, pgrepack, module.postgresql, module.postgres-decoderbufs, pgaudit, module.pgrepack, module.pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8CVSS8.2AI score0.01465EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2025/07/18 12:0 a.m.8 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service interruptions...

6.8CVSS7.1AI score0.00468EPSS
Exploits0References2Affected Software1
hackerone
hackerone
added 2025/07/02 3:21 a.m.9 views

U.S. Dept Of Defense: SQL Injection in URI Path Leading to Full Database Disclosure on ████████

A time-based blind SQL injection vulnerability was discovered in the URI path of the /home/server-ocsp/ endpoint on a U.S. Government Public Key Infrastructure website. The vulnerability allowed an unauthenticated attacker to interact with the backend MySQL database and extract sensitive...

7.8AI score
Exploits0
cnnvd
cnnvd
added 2025/05/29 12:0 a.m.6 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to caus...

7.5CVSS7.2AI score0.00321EPSS
Exploits0References2
rocky
rocky
added 2025/05/07 7:11 p.m.10 views

postgresql:15 security update

An update is available for postgresql, postgres-decoderbufs, module.pgrepack, module.pgaudit, module.postgresql, pgaudit, pgrepack, module.postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.1CVSS8.3AI score0.89914EPSS
Exploits10
Rows per page
Query Builder