Lucene search
K

47 matches found

RedHat Linux
RedHat Linux
added 2023/11/29 2:20 p.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/29 2:18 p.m.2 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/28 4:5 p.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
Snyk
Snyk
added 2022/04/21 8:6 a.m.3 views

SQL Injection

Overview blazer is an allows you to explore your data with SQL. Easily create charts and dashboards, and share them with your team. Affected versions of this package are vulnerable to SQL Injection by allowing specific variable values to modify the query rather than just the variable. This can...

7.5CVSS7.9AI score0.00857EPSS
Exploits0References2
Node.js
Node.js
added 2019/04/18 6:23 p.m.15 views

SQL Injection

Overview Versions of sequelize prior to 5.3.0 excluding v3 and v4 are vulnerable to SQL Injection. PostgreSQL optionstandardconformingstrings is not set to on by default, which may allow attackers to inject SQL statements due to poor handling of backslashes in string literals. Recommendation...

7.4AI score
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2019/04/11 4:33 p.m.38 views

SQL Injection in sequelize

Versions of sequelize prior to 5.3.0 excluding v3 and v4 are vulnerable to SQL Injection. PostgreSQL optionstandardconformingstrings is not set to on by default, which may allow attackers to inject SQL statements due to poor handling of backslashes in string literals. Recommendation Upgrade to...

7.5CVSS3.7AI score0.01823EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2019/04/11 4:33 p.m.25 views

GHSA-2777-2VQ8-C4V4 SQL Injection in sequelize

Versions of sequelize prior to 5.3.0 excluding v3 and v4 are vulnerable to SQL Injection. PostgreSQL optionstandardconformingstrings is not set to on by default, which may allow attackers to inject SQL statements due to poor handling of backslashes in string literals. Recommendation Upgrade to...

7.5CVSS7.7AI score0.01823EPSS
Exploits0References8
Rows per page
Query Builder