|
901
|
7.2 |
HIGH
Network
|
-
|
-
|
SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next r…
|
CWE-89
SQL Injection
|
CVE-2026-6476
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
902
|
8.8 |
HIGH
Network
|
-
|
-
|
Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a cli…
|
CWE-242
Use of Inherently Dangerous Function
|
CVE-2026-6477
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
903
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 …
|
CWE-385
Covert Timing Channel
|
CVE-2026-6478
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
904
|
7.5 |
HIGH
Network
|
-
|
-
|
Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disable…
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-6479
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
905
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintain…
|
CWE-126
Buffer Over-read
|
CVE-2026-6575
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
906
|
8.8 |
HIGH
Network
|
-
|
-
|
Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if…
|
CWE-89
CWE-121
SQL Injection
Stack-based Buffer Overflow
|
CVE-2026-6637
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
907
|
3.7 |
LOW
Network
|
-
|
-
|
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credenti…
|
CWE-89
SQL Injection
|
CVE-2026-6638
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
908
|
6.8 |
MEDIUM
Local
|
-
|
-
|
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the Netty Redis codec encoder (RedisEncoder) writes user-controlled string content direc…
|
CWE-93
CRLF Injection
|
CVE-2026-42586
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
909
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-42587
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
910
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations.
|
CWE-284
Improper Access Control
|
CVE-2026-28374
|
2026-05-15 01:21 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
