VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
> Software Collections
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-12-10
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments.
network
low complexity
postgresql
redhat
4.3
4.3
2023-12-10
CVE-2023-5869
Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification.
network
low complexity
postgresql
redhat
CWE-190
8.8
8.8
2023-12-10
CVE-2023-5870
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher.
network
high complexity
postgresql
redhat
4.4
4.4
2023-11-02
CVE-2022-4900
Out-of-bounds Write vulnerability in multiple products
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
local
low complexity
php
redhat
CWE-787
5.5
5.5
2023-08-11
CVE-2023-39417
SQL Injection vulnerability in multiple products
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or "").
network
low complexity
postgresql
redhat
debian
CWE-89
8.8
8.8
2023-06-09
CVE-2023-2454
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
network
low complexity
postgresql
redhat
fedoraproject
7.2
7.2
2023-06-09
CVE-2023-2455
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles.
network
low complexity
postgresql
redhat
fedoraproject
5.4
5.4
2023-03-06
CVE-2022-4904
Improper Validation of Specified Quantity in Input vulnerability in multiple products
A flaw was found in the c-ares package.
network
low complexity
c-ares-project
redhat
fedoraproject
CWE-1284
8.6
8.6
2022-09-09
CVE-2020-10735
Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in python.
network
low complexity
python
redhat
fedoraproject
CWE-704
7.5
7.5
2022-08-24
CVE-2021-4189
Unchecked Return Value vulnerability in multiple products
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode.
network
low complexity
python
debian
redhat
netapp
CWE-252
5.3
5.3
«
1
(current)
2
3
4
5
...
13
14
»
Next