📦 Software Collections

by Red Hat

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2023-5869

HIGH CVSS 8.8 Dec 10, 2023

CVE-2023-5869 is a vulnerability in PostgreSQL that allows authenticated database users to execute arbitrary code on the server through an integer overflow when modifying SQL arrays. Attackers can write ar...

CVE-2023-39417

HIGH CVSS 7.5 Aug 11, 2023

This SQL injection vulnerability in PostgreSQL allows attackers with database-level CREATE privilege to execute arbitrary code as the bootstrap superuser when exploiting improperly quoted extension sc...

CVE-2023-2454

HIGH CVSS 7.2 Jun 9, 2023

CVE-2023-2454 is a PostgreSQL vulnerability where the schema_element function can bypass protective search_path changes, allowing authenticated attackers with elevated database privileges to execute a...

CVE-2022-4904

HIGH CVSS 8.6 Mar 6, 2023

CVE-2022-4904 is a stack buffer overflow vulnerability in the c-ares DNS library's ares_set_sortlist function. Attackers can trigger denial of service or potentially execute arbitrary code by providin...

CVE-2021-3656

HIGH CVSS 8.8 Mar 4, 2022

This vulnerability in KVM's AMD SVM nested virtualization allows a malicious L1 guest to disable security intercepts for L2 guests, potentially enabling L2 guests to read/write host physical memory. T...

CVE-2021-23214

HIGH CVSS 8.1 Mar 4, 2022

CVE-2021-23214 is a SQL injection vulnerability in PostgreSQL that allows man-in-the-middle attackers to inject arbitrary SQL queries during initial connection establishment, even when SSL certificate...

CVE-2022-0711

HIGH CVSS 7.5 Mar 2, 2022

CVE-2022-0711 is a denial-of-service vulnerability in HAProxy where specially crafted HTTP responses containing Set-Cookie2 headers can trigger an infinite loop, causing the service to become unrespon...

CVE-2021-41819

HIGH CVSS 7.5 Jan 1, 2022

This vulnerability in Ruby's CGI::Cookie.parse function mishandles security prefixes in cookie names, allowing attackers to bypass cookie security mechanisms. It affects Ruby versions through 2.6.8 an...

CVE-2021-41817

HIGH CVSS 7.5 Jan 1, 2022

CVE-2021-41817 is a regular expression denial of service (ReDoS) vulnerability in Ruby's date gem. Attackers can cause denial of service by sending specially crafted long strings to Date.parse methods...

CVE-2021-4104

HIGH CVSS 7.5 Dec 14, 2021

CVE-2021-4104 is a deserialization vulnerability in Log4j 1.2's JMSAppender that allows remote code execution when attackers can modify Log4j configuration files. This affects systems running Log4j 1....

CVE-2021-20270

HIGH CVSS 7.5 Mar 23, 2021

This vulnerability in Pygments' SMLLexer causes an infinite loop when processing Standard ML source files containing only the 'exception' keyword, leading to denial of service. It affects systems usin...

CVE-2023-0056

MEDIUM CVSS 6.5 Mar 23, 2023

An uncontrolled resource consumption vulnerability in HAProxy could allow an authenticated remote attacker to crash the service by running a specially crafted malicious server in an OpenShift cluster....