Atlassian Confluence 2.x < 8.5.25 Denial of Service

According to its self-reported version number, the Atlassian Confluence application running on the remote host is 2.x prior to 8.5.25, 9.2.x prior to 9.2.7 or 10.x prior to 10.0.2. It is, therefore, affected by a denial of service vulnerability. Note that the scanner has not tested for these issu...

EUVD-2024-0657

Malicious code in bioql PyPI...

Grafana 8.5.x < 8.5.21 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is 8.5.x earlier than 8.5.21, or 9.2.x earlier than 9.2.13, or 9.3.x earlier than 9.3.8. It is, therefore, affected by multiple vulnerabilities: - A Cross-site Scripting vulnerability. - A Cross-site Scripting...

BIT-MATTERMOST-2024-1942

Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, and 9.3.0 fail to sanitize the metadata on posts containing permalinks under specific conditions, which allows an authenticated attacker to access the contents of individual posts in channels they are not a member of...

GitLab 9.2.x - 10.4.6, 10.5.x - 10.5.6, 10.6.x - 10.6.2 XSS Vulnerability

GitLab is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

Information disclosure

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x improperly handle an exceptional condition. A remote low privileged user could potentially exploit this vulnerability, leading to unauthorized information disclosure...

CVE-2021-36281

Dell EMC PowerScale OneFS versions 8.2.x–9.2.x contain an incorrect permission assignment that can allow a low-privileged authenticated user to escalate privileges. Affected component: privilege/permission handling in OneFS API surface. Root cause: misassigned permissions enabling higher-privileg...

PostgreSQL Privilege Escalation Vulnerability (Dec 2017) - Windows

PostgreSQL is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-7484

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pgstatistic, possibly leaking information. An unprivileged...

PostgreSQL contrib/hstore/hstore_io.c整数溢出漏洞

CVE ID:CVE-2014-2669 PostgreSQL是一款高级对象－关系型数据库管理系统，支持扩展的SQL标准子集。 PostgreSQL contrib/hstore/hstoreio.c存在整数溢出，允许远程通过验证的用户使应用程序崩溃。漏洞与hstorerecv, hstorefromarrays和hstorefromarray函数相关。 0 PostgreSQL 9.0.x PostgreSQL 9.1.x PostgreSQL 9.2.x PostgreSQL 9.3.x PostgreSQL...

Design/Logic Flaw

PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspecified impact and attack vectors...