Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aggregate vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-28346
An issue exists in Django 2.2 prior to 2.2.28, 3.2 prior to 3.2.13, and 4.0 prior to 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
Djangoproject Django
Debian Debian Linux 9.0
Debian Debian Linux 11.0
7 Github repositories
9.8
CVSSv3
CVE-2020-12460
OpenDMARC up to and including 1.3.2 and 1.4.x up to and including 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap overflow in opendmarc_xml when parsing a specially crafted DMARC aggregate report. This can cause rem...
Trusteddomain Opendmarc 1.4.0
Trusteddomain Opendmarc
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
NA
CVE-2006-5540
backend/parser/analyze.c in PostgreSQL 8.1.x prior to 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."
Postgresql Postgresql 6.3.2
Postgresql Postgresql 6.5.3
Postgresql Postgresql 7.2.1
Postgresql Postgresql 7.2.2
Postgresql Postgresql 7.3.11
Postgresql Postgresql 7.3.12
Postgresql Postgresql 7.3.6
Postgresql Postgresql 7.3.8
Postgresql Postgresql 7.4.2
Postgresql Postgresql 7.4.3
Postgresql Postgresql 8.0
Postgresql Postgresql 8.0.1
Postgresql Postgresql 8.0.8
Postgresql Postgresql 8.1
Postgresql Postgresql 7.1.2
Postgresql Postgresql 7.1.3
Postgresql Postgresql 7.2
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.3.4
Postgresql Postgresql 7.4.12
7.8
CVSSv3
CVE-2018-8550
An elevation of privilege exists in Windows COM Aggregate Marshaler, aka "Windows COM Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windo...
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows 10 1703
Microsoft Windows 10 1803
Microsoft Windows Server 2012 -
Microsoft Windows Server 2016 -
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows Server 2016 1709
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1709
Microsoft Windows 10 1809
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
1 EDB exploit
5.3
CVSSv3
CVE-2021-41123
Survey Solutions is a survey management and data collection system. In affected versions the Headquarters application publishes /metrics endpoint available to any user. None of the survey answers are ever exposed, only the aggregate counters, including count of interviews, or cou...
Mysurvey Survey Solutions
NA
CVE-2005-0244
PostgreSQL 8.0.0 and previous versions allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command.
Postgresql Postgresql 7.2.5
Postgresql Postgresql 7.2.6
Postgresql Postgresql 7.3.5
Postgresql Postgresql 7.3.6
Postgresql Postgresql 7.4.4
Postgresql Postgresql 7.4.5
Postgresql Postgresql 7.2.3
Postgresql Postgresql 7.2.4
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.3.4
Postgresql Postgresql 7.4.2
Postgresql Postgresql 7.4.3
Postgresql Postgresql 7.2
Postgresql Postgresql 7.2.7
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.7
Postgresql Postgresql 7.3.8
Postgresql Postgresql 7.4.6
Postgresql Postgresql 7.4.7
Postgresql Postgresql 7.2.1
Postgresql Postgresql 7.2.2
Postgresql Postgresql 7.3.1
7.8
CVSSv3
CVE-2023-0950
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an malicious user to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malf...
Libreoffice Libreoffice
Debian Debian Linux 10.0
NA
CVE-2005-0247
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and previous versions may allow malicious users to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SE...
Postgresql Postgresql 7.2.6
Postgresql Postgresql 7.2.7
Postgresql Postgresql 7.3.7
Postgresql Postgresql 7.3.8
Postgresql Postgresql 7.4.5
Postgresql Postgresql 7.4.6
Postgresql Postgresql 7.2.4
Postgresql Postgresql 7.2.5
Postgresql Postgresql 7.3.4
Postgresql Postgresql 7.3.5
Postgresql Postgresql 7.2
Postgresql Postgresql 7.2.1
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.9
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.7
Postgresql Postgresql 8.0.0
Postgresql Postgresql 7.2.2
Postgresql Postgresql 7.2.3
Postgresql Postgresql 7.3.2
Postgresql Postgresql 7.3.3
NA
CVE-2005-0245
Buffer overflow in gram.y for PostgreSQL 8.0.0 and previous versions may allow malicious users to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.
Postgresql Postgresql 8.0
Postgresql Postgresql
1 EDB exploit
NA
CVE-2005-0246
The intagg contrib module for PostgreSQL 8.0.0 and previous versions allows malicious users to cause a denial of service (crash) via crafted arrays.
Postgresql Postgresql
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »