Lucene search
K

138 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 12:26 p.m.5 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
NVD
NVD
added 2026/06/28 12:16 a.m.13 views

CVE-2026-10643

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

8.7CVSS0.0012EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/25 2:49 a.m.4 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

AlmaLinux 8 : postgresql:12 (ALSA-2026:28999)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28999 advisory. postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can cause an...

8.8CVSS6AI score0.00668EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 6:0 p.m.2 views

RLSA-2026:28999 Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/24 1:59 p.m.4 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 8:17 p.m.3 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 5:55 a.m.6 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 5:40 a.m.8 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/06/17 12:0 a.m.10 views

postgresql:15 security update

An update is available for postgres-decoderbufs, module.postgres-decoderbufs, postgresql, module.pgaudit, module.pgrepack, pgaudit, pgrepack, module.postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS5.5AI score0.00668EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2026/06/16 12:0 a.m.13 views

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write...

8.8CVSS5.4AI score0.00668EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2026/05/16 8:4 a.m.17 views

PostgreSQL server undersizes allocations, via integer wraparound

...

8.8CVSS5.8AI score0.00668EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/14 1:0 p.m.71 views

CVE-2026-6473 PostgreSQL server undersizes allocations, via integer wraparound

Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...

8.8CVSS0.00668EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 1:0 p.m.61 views

CVE-2026-6473

CVE-2026-6473 affects PostgreSQL server features where integer wraparound can cause undersized allocations and write out-of-bounds. An unprivileged database user could potentially execute arbitrary code as the OS user running the database, or trigger segmentation faults with gigabyte-scale inputs...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References31Affected Software1
OSV
OSV
added 2026/05/09 12:2 a.m.5 views

GHSA-97WC-2HQC-CJGR smallbitvec: Integer overflow in safe API leads to heap buffer overflow

Summary An integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption without requiring unsafe code from the caller. Details The issue originates from...

7.3CVSS6AI score0.00151EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/09 12:2 a.m.29 views

smallbitvec: Integer overflow in safe API leads to heap buffer overflow

Summary An integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption without requiring unsafe code from the caller. Details The issue originates from...

7.3CVSS6AI score0.00151EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.14 views

PT-2026-39309

Name of the Vulnerable Software and Affected Versions smallbitvec affected versions not specified Description An integer overflow occurs during the internal capacity calculation within the buffer lencap function. When the cap variable is close to usize::MAX, unchecked arithmetic causes the value ...

7.3CVSS6AI score0.00151EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the insufficient size of the struct clkhw slot reserved for 9FGV0841 in the clkrs9 section. This...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/28 7:54 a.m.7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.3AI score0.00398EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/20 4:18 p.m.2 views

CVE-2026-41445

KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kissfftndralloc function in kissfftndr.c where the allocation size calculation dimOtherdimReal+2sizeofkissfftscalar overflows signed 32-bit integer arithmetic before being widened to sizet, causing malloc to allocate ...

8.8CVSS6AI score0.00288EPSS
Exploits0References3
Rows per page
Query Builder