| 2024-08-12 | CVE-2024-7006 | NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. | 7.5 |
| 2024-07-01 | CVE-2024-6387 | Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). | 8.1 |
| 2024-06-06 | CVE-2024-3049 | Insufficient Verification of Data Authenticity vulnerability in multiple products
A flaw was found in Booth, a cluster ticket manager. | 5.9 |
| 2024-02-12 | CVE-2023-6681 | Resource Exhaustion vulnerability in multiple products
A vulnerability was found in JWCrypto. | 5.3 |
| 2024-01-31 | CVE-2023-5992 | Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. | 5.9 |
| 2023-12-27 | CVE-2023-4641 | Improper Authentication vulnerability in multiple products
A flaw was found in shadow-utils. | 5.5 |
| 2023-12-10 | CVE-2023-5868 | A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. | 4.3 |
| 2023-12-10 | CVE-2023-5869 | Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. | 8.8 |
| 2023-12-10 | CVE-2023-5870 | A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. | 4.4 |
| 2023-11-03 | CVE-2023-46846 | HTTP Request Smuggling vulnerability in multiple products
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. | 5.3 |