Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

216205 matches found

SUSE Linux
SUSE Linuxadded 2026/05/18 7:57 a.m.6 views

Security update for php8

This update for php8 fixes the following issues CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776...

9.8CVSS6.5AI score0.00505EPSS
Exploits1References32
OSV
OSVadded 2026/05/18 7:57 a.m.0 views

SUSE-SU-2026:1957-1 Security update for php8

This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. -...

9.8CVSS6.5AI score0.00505EPSS
Exploits1References17
OSV
OSVadded 2026/05/18 7:48 a.m.4 views

SUSE-SU-2026:1946-1 Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard agains...

8.8CVSS6.1AI score0.00471EPSS
Exploits0References24
SUSE Linux
SUSE Linuxadded 2026/05/18 7:48 a.m.6 views

Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00471EPSS
Exploits0References48
OSV
OSVadded 2026/05/18 7:48 a.m.4 views

SUSE-SU-2026:1945-1 Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard agains...

8.8CVSS6.1AI score0.00471EPSS
Exploits0References24
SUSE Linux
SUSE Linuxadded 2026/05/18 7:47 a.m.11 views

Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00471EPSS
Exploits0References48
OSV
OSVadded 2026/05/18 7:47 a.m.1 views

SUSE-SU-2026:1944-1 Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard agains...

8.8CVSS6.1AI score0.00471EPSS
Exploits0References24
OSV
OSVadded 2026/05/18 7:46 a.m.4 views

SUSE-SU-2026:1943-1 Security update for postgresql17

This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

8.8CVSS6.1AI score0.00471EPSS
Exploits0References23
SUSE Linux
SUSE Linuxadded 2026/05/18 7:46 a.m.8 views

Security update for postgresql16

This update for postgresql16 fixes the following issues Update to version 16.13. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00471EPSS
Exploits0References40
NVD
NVDadded 2026/05/18 7:16 a.m.8 views

CVE-2026-6379

The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks...

8.6CVSS0.00328EPSS
Exploits1References1
GithubExploit
GithubExploitadded 2026/05/18 6:46 a.m.55 views

Web-Application-Vulnerability-Scanner

Web-Application-Vulnerability-Scanner Developed a Python-...

5.9AI score
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/05/18 6:0 a.m.7 views

CVE-2026-6379

The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks...

8.6CVSS5.9AI score0.00328EPSS
Exploits1References1
EUVD
EUVDadded 2026/05/18 6:0 a.m.8 views

EUVD-2026-30734

The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks...

8.6CVSS5.9AI score0.00328EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/05/18 6:0 a.m.3 views

CVE-2026-6379 WP Photo Album Plus < 9.1.11.001 - Unauthenticated SQL Injection via 'wppa-supersearch' Parameter

The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks...

5.9AI score0.00328EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/05/18 6:0 a.m.39 views

CVE-2026-6379 WP Photo Album Plus < 9.1.11.001 - Unauthenticated SQL Injection via 'wppa-supersearch' Parameter

The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks...

0.00328EPSS
Exploits1References1
CVE
CVEadded 2026/05/18 6:0 a.m.14 views

CVE-2026-6379

WP Photo Album Plus plugin prior to 9.1.11.001 is vulnerable: wppa_get_photos() concatenates the wppa-supersearch parameter into SQL (owner, name, tag, calendar exifdtm/timestamp sinks) without proper quoting or $wpdb-&gt;prepare, enabling unauthenticated SQL injection. The patch in commit d2b0d0...

8.6CVSS5.9AI score0.00328EPSS
Exploits1References1
OSV
OSVadded 2026/05/18 5:53 a.m.3 views

BIT-POSTGRESQL-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6.1AI score0.00187EPSS
Exploits0References2
OSV
OSVadded 2026/05/18 5:53 a.m.2 views

BIT-POSTGRESQL-2026-6637 PostgreSQL refint allows stack buffer overflow and SQL injection

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitate...

8.8CVSS6.4AI score0.00378EPSS
Exploits0References2
NVD
NVDadded 2026/05/18 4:16 a.m.17 views

CVE-2026-8785

A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file updateinfo.php of the component GET Parameter Handler. Executing a manipulation of the argument appointmentno can lead to sql injection. The...

7.5CVSS0.00254EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/18 2:45 a.m.13 views

EUVD-2026-30729

A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file updateinfo.php of the component GET Parameter Handler. Executing a manipulation of the argument appointmentno can lead to sql injection. The...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
Rows per page
Query Builder