2001
|
4.4 |
MEDIUM
Network
|
postgresql redhat
|
postgresql software_collections enterprise_linux enterprise_linux_server_tus enterprise_linux_server_aus enterprise_linux_eus enterprise_linux_for_arm_64 enterprise_linux_for_pow…
|
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Succe…
|
NVD-CWE-noinfo
|
CVE-2023-5870
|
2024-09-14 09:15 |
2023-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2002
|
8.8 |
HIGH
Network
|
postgresql redhat
|
postgresql enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_for_scientific_computing enterprise_linux_server software_collections enterprise_linux enterpris…
|
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an inte…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2023-5869
|
2024-09-14 09:15 |
2023-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2003
|
4.3 |
MEDIUM
Network
|
postgresql redhat
|
postgresql software_collections enterprise_linux enterprise_linux_server_tus enterprise_linux_server_aus enterprise_linux_eus enterprise_linux_for_arm_64 enterprise_linux_for_pow…
|
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handli…
|
NVD-CWE-noinfo
|
CVE-2023-5868
|
2024-09-14 09:15 |
2023-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2004
|
- |
|
-
|
-
|
A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-4467
|
2024-09-14 07:15 |
2024-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2005
|
5.9 |
MEDIUM
Network
|
clusterlabs redhat
|
booth enterprise_linux enterprise_linux_eus enterprise_linux_server_update_services_for_sap_solutions enterprise_linux_for_power_little_endian_eus enterprise_linux_for_ibm_z_systems_eu…
|
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-3049
|
2024-09-14 07:15 |
2024-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2006
|
- |
|
-
|
-
|
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEv…
|
CWE-416
Use After Free
|
CVE-2024-4418
|
2024-09-14 07:15 |
2024-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2007
|
7.5 |
HIGH
Network
fastadmin
|
fastadmin
|
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipula…
|
CWE-22
Path Traversal
|
CVE-2024-7928
|
2024-09-14 06:33 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2008
|
9.8 |
CRITICAL
Network
eyecix
|
jobsearch_wp_job_board
|
Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-43931
|
2024-09-14 06:22 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2009
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27122
|
2024-09-14 06:16 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2010
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
|
-
|
CVE-2024-40430
|
2024-09-14 06:15 |
2024-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|