Lucene search
K

495 matches found

RedHat Linux
RedHat Linux
added 2023/12/11 9:59 a.m.4 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2023/12/10 5:56 p.m.27 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.7AI score0.02775EPSS
Exploits0
Cvelist
Cvelist
added 2023/12/10 5:56 p.m.43 views

CVE-2023-5868 Postgresql: memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.6AI score0.02775EPSS
Exploits0References25
AlpineLinux
AlpineLinux
added 2023/12/10 5:56 p.m.20 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7AI score0.02775EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/12/06 9:51 a.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/30 3:2 p.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.3 views

kernel: drm/amdgpu: SDMA update use unlocked iterator

A denial of service exists in the linux kernel such that there is a SDMA update page table may be called from an unlocked context, leading to damage to system availability and integrity...

5.5CVSS7.1AI score0.00143EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.4 views

kernel: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

A resource-handling flaw was found in the Linux kernel performance monitoring driver for ARM System Memory Management Unit version 3 in the way hotplug callbacks are registered during driver initialization. If driver registration fails, previously added CPU hotplug callbacks are not removed,...

5.5CVSS7.2AI score0.00147EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/18 12:0 a.m.75 views

Ubuntu 16.04 ESM / 18.04 ESM : GNU binutils vulnerabilities (USN-6381-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6381-1 advisory. It was discovered that a memory leak existed in certain GNU binutils modules. An attacker could possibly use this issue to cause a denial of...

8.8CVSS7.3AI score0.00698EPSS
Exploits8References9
RedhatCVE
RedhatCVE
added 2023/08/23 7:15 p.m.55 views

CVE-2020-19726

A heap-based buffer overflow was found in binutils in the bfdgetl32 function, relating to the auxiliary symbol data. This flaw allows an attacker to read or write to system memory or cause a denial of service...

8.8CVSS8.6AI score0.00664EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/08/22 12:0 a.m.17 views

CVE-2020-19726

An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service...

6.6AI score0.00664EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/08/22 12:0 a.m.18 views

GNU Binutils 安全漏洞

GNU Binutils is a set of open source tools for working with binaries such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils. An attacker can exploit this...

8.8CVSS7.4AI score0.00664EPSS
Exploits1References6
CVE
CVE
added 2023/08/22 12:0 a.m.163 views

CVE-2020-19726

CVE-2020-19726 concerns GNU Binutils, specifically the libbfd.c 2.36 component. The issue allows an attacker to read or write system memory and can cause a denial of service, per the provided description. Connected advisories (Cloud Foundry USN, Debian tracker, Astra Linux, etc.) corroborate a me...

8.8CVSS8.2AI score0.00664EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/08/07 12:0 a.m.5 views

Insyde InsydeH2O Input Validation Error Vulnerability

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O versions 5.0 through 5.5, which stems from...

5.5CVSS6.6AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.15 views

Cisco NX-OS Software ICMP Version 6 Memory Leak Denial of Service (CVE-2021-1229)

A vulnerability in ICMP Version 6 ICMPv6 processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead to a denial of service DoS condition. This vulnerability is due to improper error handling when an...

5.8CVSS6.6AI score0.01375EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.15 views

Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode DHCP Version 6 Denial of Service (CVE-2018-0372)

A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure ACI Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service DoS condition on an affect...

7.8CVSS7.4AI score0.02518EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.34 views

Juniper Junos OS Multiple Vulnerabilities (JSA69720)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA69720 advisory. - Multiple ethernet Network Interface Card NIC device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous...

5CVSS6.2AI score0.73006EPSS
Exploits15References3
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.2 views

kernel: Kernel: Denial of Service via memory leak in wifi power saving mode

A flaw was found in the Linux kernel's wifi driver. Under power saving mode, the driver fails to properly free unused socket buffers skb, leading to a memory leak. A local attacker could exploit this vulnerability to cause a Denial of Service DoS by exhausting system memory...

5.8AI score0.00166EPSS
Exploits0References5
OSV
OSV
added 2023/04/12 1:15 p.m.3 views

CVE-2023-22616

An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm driver does not check the value of a save state register before use. Due to insufficient input validation, an attacker can corrupt SMRAM...

7.8CVSS7.1AI score0.00369EPSS
Exploits1References3
NVD
NVD
added 2023/03/29 9:15 p.m.26 views

CVE-2023-28507

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a memory-exhaustion issue, where a decompression routine will allocate increasing amounts of memory until all system memory is exhausted and the forked...

9.8CVSS9.4AI score0.00923EPSS
Exploits0References1
Rows per page
Query Builder