Lucene search
+L

10 matches found

nessus
nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 4: postgresql (TSSA-2024:0413)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0413 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.8CVSS7.3AI score0.01565EPSS
Exploits0References3
osv
osv
added 2025/11/08 12:22 a.m.5 views

CVE-2025-64490 SuiteCRM's Inconsistent RBAC Enforcement Enables Access Control Bypass

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 allow a low-privileged user with a restrictive role to view and create work items through the Resource Calendar and project screens, even...

8.3CVSS6.4AI score0.00259EPSS
Exploits0References3
redhat
redhat
added 2025/09/02 11:52 a.m.20 views

postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...

3.1CVSS7AI score0.0022EPSS
Exploits0References5
redhat
redhat
added 2025/09/02 11:0 a.m.14 views

postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...

3.1CVSS7AI score0.0022EPSS
Exploits0References5
redhat
redhat
added 2025/08/28 10:24 a.m.6 views

postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...

3.1CVSS7AI score0.0022EPSS
Exploits0References5
nvd
nvd
added 2025/08/14 1:15 p.m.8 views

CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS0.0022EPSS
Exploits0References1
alpinelinux
alpinelinux
added 2025/08/14 1:0 p.m.5 views

CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1CVSS7.1AI score0.0022EPSS
Exploits0
cve
cve
added 2025/01/07 4:22 p.m.147 views

CVE-2024-40749

The CVE-2024-40749 entry concerns Joomla! core: an improper access control (ACL) read-violation that allows access to protected core views. The incident is described as affecting multiple core views via an ACL leakage, with a CVSS v3.1 base score of 7.5 (Network access, no user interaction requir...

7.5CVSS6.5AI score0.00375EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2024/08/07 12:0 a.m.5 views

Jenkins 安全漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins 2.470 and earlier and LTS 2.452.3 and earlier, which stems from a failure to...

6.3CVSS6.4AI score0.04263EPSS
Exploits0References3
nessus
nessus
added 2017/08/21 12:0 a.m.39 views

FreeBSD : drupal -- Drupal Core - Multiple Vulnerabilities (473b6a9e-8493-11e7-b24b-6cf0497db129)

Drupal Security Team : CVE-2017-6923: Views - Access Bypass - Moderately Critical CVE-2017-6924: REST API can bypass comment approval - Access Bypass - Moderately Critica CVE-2017-6925: Entity access bypass for entities that do not have UUIDs or have protected revisions - Access Bypass - Critical...

9.8CVSS7.6AI score0.03017EPSS
Exploits0References4
Rows per page
Query Builder