Overview

  • Pending

08 Jun 2022
Published
03 Nov 2025
Updated

CVSS
Pending
EPSS
0.34%

KEV

Description

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.

Statistics

  • 1 Post

Last activity: 16 hours ago

Bluesky

U-Boot Nightmare: New RCE Flaws Expose Millions of Embedded Devices to Remote Takeover + Video Introduction: Two critical buffer overflow vulnerabilities, designated CVE-2022-30790 and CVE-2022-30552, have been discovered in Das U-Boot 2022.01, the ubiquitous bootloader powering countless embedded…
  • 16h ago

Overview

  • kovidgoyal
  • calibre

06 Feb 2026
Published
06 Feb 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.01%

KEV

Description

calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection (SSTI) vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via the --template-html or --template-html-index command-line options. This vulnerability is fixed in 9.2.0.

Statistics

  • 1 Post

Last activity: 7 hours ago

Bluesky

[Backport release-25.11] calibre: apply fix for CVE-2026-25731 and CVE-2026-25635 https://github.com/NixOS/nixpkgs/pull/491575 #security
  • 7h ago

Overview

  • GitLab
  • GitLab

08 Jun 2021
Published
03 Aug 2024
Updated

CVSS v3.1
MEDIUM (6.8)
EPSS
93.52%

KEV

Description

When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 could be exploited by an unauthenticated attacker, even on a GitLab instance where registration is limited.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 20 hours ago

Fediverse

GitLab vulnerability CVE-2021-22175 got added to the CISA KEV. But this vuln is just a more complete patch to CVE-2021-22214. Likewise CVE-2021-39935 covers even more cases where the CI Lint function could be used without authentication. In fact, the exploit code is identical for all vulnerabilities. CVE-2021-39935 was already on the list, CVE-2021-22175 got added today and CVE-2021-22214 is still missing.

#cybersecurity #vulnerability #circus

  • 20h ago

Overview

  • GitLab
  • GitLab

13 Dec 2021
Published
03 Feb 2026
Updated

CVSS v3.1
MEDIUM (6.8)
EPSS
54.31%

Description

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, and all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Server Side Requests via the CI Lint API.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 20 hours ago

Fediverse

GitLab vulnerability CVE-2021-22175 got added to the CISA KEV. But this vuln is just a more complete patch to CVE-2021-22214. Likewise CVE-2021-39935 covers even more cases where the CI Lint function could be used without authentication. In fact, the exploit code is identical for all vulnerabilities. CVE-2021-39935 was already on the list, CVE-2021-22175 got added today and CVE-2021-22214 is still missing.

#cybersecurity #vulnerability #circus

  • 20h ago

Overview

  • PostgreSQL

12 Feb 2026
Published
13 Feb 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.11%

KEV

Description

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Statistics

  • 1 Post

Last activity: 17 hours ago

Bluesky

PostgreSQL fixes five critical vulnerabilities (CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-2007, CVE-2026-2003) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 17h ago

Overview

  • PostgreSQL

12 Feb 2026
Published
13 Feb 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.07%

KEV

Description

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Statistics

  • 1 Post

Last activity: 17 hours ago

Bluesky

PostgreSQL fixes five critical vulnerabilities (CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-2007, CVE-2026-2003) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 17h ago

Overview

  • PostgreSQL

12 Feb 2026
Published
12 Feb 2026
Updated

CVSS v3.1
MEDIUM (4.3)
EPSS
0.04%

KEV

Description

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Statistics

  • 1 Post

Last activity: 17 hours ago

Bluesky

PostgreSQL fixes five critical vulnerabilities (CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-2007, CVE-2026-2003) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 17h ago

Overview

  • PostgreSQL

12 Feb 2026
Published
13 Feb 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.06%

KEV

Description

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Statistics

  • 1 Post

Last activity: 17 hours ago

Bluesky

PostgreSQL fixes five critical vulnerabilities (CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-2007, CVE-2026-2003) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 17h ago

Overview

  • PostgreSQL

12 Feb 2026
Published
12 Feb 2026
Updated

CVSS v3.1
HIGH (8.2)
EPSS
0.05%

KEV

Description

Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and 18.0 are affected.

Statistics

  • 1 Post

Last activity: 17 hours ago

Bluesky

PostgreSQL fixes five critical vulnerabilities (CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-2007, CVE-2026-2003) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 17h ago