SUSE CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

PT-2026-40919

Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description An externally-controlled format string in the timeofday...

GitLab 12.10 < 18.8.9 / 18.9 < 18.9.5 / 18.10 < 18.10.3 (CVE-2026-1092)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause...

AZL-53888 CVE-2024-7883 affecting package clang for versions less than 18.1.2-4

When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state...

Evmos Security Vulnerabilities

Evmos is a scalable, high-throughput proof-of-equity blockchain. It is used for full compatibility and interoperability with Ether. A security vulnerability exists in Evmos versions prior to 18.0.0 that stems from a lack of precompilation checks...

Dolibarr ERP/CRM Security Breach

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders and more. A security vulnerability exists in Dolibarr ERP/CRM v18.0.1 and...

CVE-2023-44827

An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v.4.7 and before allows an attacker to execute arbitrary code via a crafted script to the Office Conversion Settings function...

UBUNTU-CVE-2023-5323

Cross-site Scripting XSS - Generic in GitHub repository dolibarr/dolibarr prior to 18.0...

Dolibarr Cross-Site Scripting Vulnerability

Dolibarr is a software application. A modern software package that helps manage your organization's activities. A cross-site scripting vulnerability exists in Dolibarr versions prior to 18.0 that stems from the presence of a cross-site scripting XSS vulnerability...

Pexip Infinity Denial of Service Vulnerability

Pexip Infinity is video communications software that organizations can deploy in their IT infrastructure, public or private cloud, or any hybrid combination to enable everyone to have their own personal, high-quality video, audio, and mobile conferencing experience. A denial of service...

CVE-2018-14850

Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image...

Cisco SD-WAN Solution Remote Command Injection Vulnerability (CNVD-2018-14074)

Cisco vBond Orchestrator Software and other products are from Cisco. cisco vBond Orchestrator Software is a set of security network extension management software. vEdge 100 Series Routers is a 100 series router product. SD-WAN Solution is a set of network extension solution running in it. A comma...