CVE-2024-11120 - Unauthenticated OS Command Injection in End-of-Life GeoVision Devices Exploited in the Wild
GeoVision, known globally for its video surveillance products, has left a critical vulnerability in some of its End-of-Life (EOL) devices. This flaw, identified as CVE-2024-11120,
CVE-2024-10978 - Unpacking PostgreSQL's Incorrect Privilege Assignment Vulnerability
Published: June 2024
CVSS Score: 6.3 (Medium)
Affected Versions: PostgreSQL before 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21
CVE-2024-10979 - How PL/Perl’s Environment Bug in PostgreSQL Can Lead to Remote Code Execution
In early 2024, the PostgreSQL community patched a critical vulnerability known as CVE-2024-10979. If you administer or develop on Postgres, especially with the PL/Perl
CVE-2024-10977 - How Attacker-Controlled Error Messages in PostgreSQL Client Libraries Can Risk Your Data
PostgreSQL is one of the world’s most popular and trusted database systems, supporting mission-critical apps for millions. But even PostgreSQL isn’t immune to
CVE-2024-10976 - Risks of Incomplete Row Security Tracking in PostgreSQL Through Query Plan Reuse
Summary:
CVE-2024-10976 is a newly-identified vulnerability in PostgreSQL that can let a user bypass row-level security (RLS) and access or modify rows that should be
Episode
00:00:00
00:00:00