95 matches found
PostgreSQL 10.x < 10.21, 11.x < 11.16, 12.x < 12.11, 13.x < 13.7, 14.x < 14.3 Privilege Escalation Vulnerability - Windows
PostgreSQL is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
[SECURITY] Fedora 36 Update: gcc-12.0.1-0.12.fc36
The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code...
Markdown-It 资源管理错误漏洞
Markdown-It is a Markdown parser. A security vulnerability exists in Markdown-It, which originates from Markdown-It is a Markdown parser. Prior to version 1.3.2, special patterns greater than 50,000 characters in length significantly slowed down the parser. Users should upgrade to version 12.3.2 ...
Mozilla Firefox Security Advisory (MFSA2012-22) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Google Android System Information Disclosure Vulnerability (CNVD-2021-101431)
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Alliance OHA for short. an information disclosure vulnerability exists in the System component of Google Android version 12. No detailed vulnerability details are available...
Google Android Framework Elevation of Privilege Vulnerability (CNVD-2021-101443)
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Alliance OHA for short. an elevation of privilege vulnerability exists in the Framework component of Google Android version 12. No detailed vulnerability details are available...
PostgreSQL 11.x < 11.12, 12.x < 12.7, 13.x < 13.3 Information Disclosure Vulnerability - Windows
PostgreSQL is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Cross site scripting
On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system...
PostgreSQL 11.x < 11.13 / 12.x < 12.8 / 13.x < 13.4 Memory Disclosure
The version of PostgreSQL installed on the remote host is 11 prior to 11.13, 12 prior to 12.8, or 13 prior to 13.4. As such, it is potentially affected by a memory disclosure vulnerability: - A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any...
CVE-2020-7390
Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Profile. An authenticated user can pass XSS strings the "First Name," "Last Name," and "Email Address" fields of this web application component. Updates are available for on-premises versions of Version 12 components shipped with Syracuse...
CVE-2020-7388 Sage X3 AdxAdmin Unauthenticated Command Execution Bypass by Spoofing
Sage X3 Unauthenticated Remote Command Execution RCE as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential validation. While exploiting this does require knowledge of the installation path, that information can be learned by...
CVE-2021-1099
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affect...
CVE-2021-1100
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver nvidia.ko, in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x prior to 12.3, version 11.x prior to 11....
CVE-2021-1097
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it improperly validates the length field in a request from a guest. This flaw allows a malicious guest to send a length field that is inconsistent with the actual length of the input, which may lead to...
Design/Logic Flaw
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it can lead to floating point exceptions, which may lead to denial of service. This affects vGPU version 12.x prior to 12.3, version 11.x prior to 11.5 and version 8.x prior 8.8...
CVE-2021-1099
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affect...
PostgreSQL 9.6.x < 9.6.22, 10.x < 10.17, 11.x < 11.12, 12.x < 12.7, 13.x < 13.3 Multiple Vulnerabilities - Linux
PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...
PostgreSQL 9.6.x < 9.6.22 / 10.x < 10.17 / 11.x < 11.12 / 12.x < 12.7 / 13.x < 13.3 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 9.6 prior to 9.6.22, 10 prior to 10.17, 11 prior to 11.12, 12 prior to 12.7, or 13 prior to 13.3. As such, it is potentially affected by multiple vulnerabilities : - Buffer overrun from integer overflow in array subscripting calculations...
CVE-2021-1087
NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager vGPU plugin, which could allow an attacker to retrieve information that could lead to a Address Space Layout Randomization ASLR bypass. This affects vGPU version 12.x prior to 12.2, version 11.x prior to 11.4 and version 8.x...
CVE-2021-1080
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, in which certain input data is not validated, which may lead to information disclosure, tampering of data, or denial of service. This affects vGPU version 12.x prior to 12.2, version 11.x prior to 11.4 and versi...