37 matches found

CVE
added 5 days ago, 8 views

CVE-2026-56334

Capgo before 12.128.2 is affected by an insufficient UPDATE row-level security (RLS) policy on the build_requests table. The missing policy allows API-key and anonymous access to persist builder status updates to be blocked or unpersisted, resulting in build status and error details remaining in ...

CVSS 5.3, AI score 5.8, EPSS 0.00192
Exploits 0, References 2

NVD
added 2026/06/23 1:16 p.m., 12 views

CVE-2026-56248

Cap-go capgo capgo-backend before 12.128.12 contains an unauthenticated denial-of-service vulnerability arising from the auditlogs table's Row-Level Security RLS policy when accessed via the Supabase PostgREST API. Because the PostgreSQL query planner executes costly logic before RLS rejection,...

CVSS 8.7, EPSS 0.00359
Exploits 0, References 2

EUVD
added 2026/06/23 12:12 p.m., 7 views

EUVD-2026-38430

Capgo before 12.128.2 contains a security control bypass vulnerability where the PostgREST/RLS plane accepts plaintext API keys through the capgkey header despite enforcehashedapikeys being enabled. Attackers can bypass org-level hashed-key enforcement by sending plaintext API keys directly to th...

CVSS 8.6, AI score 5.9, EPSS 0.00273
Exploits 0, References 2

RedhatCVE
added 2026/06/05 7:39 p.m., 8 views

CVE-2026-7183

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may be...

CVSS 6.9, AI score 5.4, EPSS 0.00405
Exploits 0, References 1

CVE
added 2026/04/27 10:30 p.m., 15 views

CVE-2026-7183

The CVE-2026-7183 entry affects aligungr UERANSIM (up to version 3.2.7), specifically the rls_pdu.cpp DecodeRlsMessage function in the Radio Link Simulation Layer. The issue arises from manipulation of the pduLength argument, causing an uncaught exception. Exploitability is described as remote. T...

CVSS 6.9, AI score 5.4, EPSS 0.00405
Exploits 0, References 6

EUVD
added 2026/04/27 10:30 p.m., 5 views

EUVD-2026-25933

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may be...

CVSS 6.9, AI score 5.2, EPSS 0.00405
Exploits 0, References 6

Cvelist
added 2026/04/27 10:30 p.m., 32 views

CVE-2026-7183 aligungr UERANSIM Radio Link Simulation Layer rls_pdu.cpp DecodeRlsMessage uncaught exception

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may be...

CVSS 6.9, EPSS 0.00405
Exploits 0, References 6

ATTACKERKB
added 2026/04/27 10:30 p.m., 4 views

CVE-2026-7183

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may be...

CVSS 6.9, AI score 5, EPSS 0.00405
Exploits 0, References 7, Affected Software 1

CNNVD
added 2026/04/27 12:00 a.m., 10 views

UERANSIM security vulnerability

UERANSIM is an open-source advanced 5G UE and RAN gNodeB simulator developed by Ali Güngör of Turkey. Versions of UERANSIM 3.2.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the parameter pdulength in the Radio Link Simulation Layer...

CVSS 6.9, AI score 6.1, EPSS 0.00405
Exploits 0, References 1

Positive Technologies
added 2026/04/27 12:00 a.m., 7 views

PT-2026-35537

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may b...

CVSS 6.9, AI score 5.4, EPSS 0.00405
Exploits 0, References 7

OSV
added 2024/12/04 2:53 p.m., 17 views

SUSE-SU-2024:4176-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

CVSS 8.8, AI score 7.3, EPSS 0.04422
Exploits 1, References 9

OSV
added 2024/12/04 2:51 p.m., 14 views

SUSE-SU-2024:4175-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

CVSS 8.8, AI score 7.3, EPSS 0.04422
Exploits 1, References 9

OSV
added 2024/12/04 2:50 p.m., 14 views

SUSE-SU-2024:4174-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

CVSS 8.8, AI score 7.3, EPSS 0.04422
Exploits 1, References 9

SUSE Linux
added 2024/11/29 4:24 p.m., 2 views

Security update for postgresql14

This update for postgresql14 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...

CVSS 8.8, AI score 6.5, EPSS 0.04422
Exploits 1, References 16

OSV
added 2024/11/29 4:23 p.m., 21 views

SUSE-SU-2024:4118-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

CVSS 8.8, AI score 7.3, EPSS 0.04422
Exploits 1, References 9

SUSE Linux
added 2024/11/28 12:25 p.m., 5 views

Security update for postgresql12

This update for postgresql12 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...

CVSS 8.8, AI score 6.5, EPSS 0.04422
Exploits 1, References 16

OSV
added 2024/11/28 12:24 p.m., 12 views

SUSE-SU-2024:4098-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

CVSS 8.8, AI score 7.3, EPSS 0.04422
Exploits 1, References 9

OSV
added 2024/11/28 12:24 p.m., 19 views

SUSE-SU-2024:4097-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

CVSS 8.8, AI score 7.3, EPSS 0.04422
Exploits 1, References 9

OSV
added 2024/11/28 12:24 p.m., 19 views

SUSE-SU-2024:4096-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

CVSS 8.8, AI score 7.3, EPSS 0.04422
Exploits 1, References 9

OSV
added 2024/11/28 12:23 p.m., 20 views

SUSE-SU-2024:4095-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

CVSS 8.8, AI score 7.3, EPSS 0.04422
Exploits 1, References 9