RLSA-2026:4064 Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator...

RLSA-2026:4059 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator...

RLSA-2026:4024 Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator...

postgresql:13 security update

An update is available for pgrepack, pgaudit, module.postgres-decoderbufs, module.pgaudit, postgresql, module.pgrepack, postgres-decoderbufs, module.postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

postgresql:12 security update

An update is available for pgrepack, pgaudit, module.postgres-decoderbufs, module.pgaudit, postgresql, module.pgrepack, postgres-decoderbufs, module.postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

postgresql:15 security update

An update is available for pgrepack, pgaudit, module.postgres-decoderbufs, module.pgaudit, postgresql, module.pgrepack, postgres-decoderbufs, module.postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2

Summary Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2 Vulnerability Details CVEID:CVE-2024-22415 DESCRIPTION: jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters +...

Important: Red Hat Security Advisory: postgresql:16 security update

An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code

A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the pgcrypto component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database...

postgresql: PostgreSQL oidvector discloses a few bytes of memory

A type validation flaw has been discovered in postgresql. Improper validation of the type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely...

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code

A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...

EUVD-2026-10352

@budibase/server: Command Injection in PostgreSQL Dump Command...

GHSA-726G-59WR-CJ4C @budibase/server: Command Injection in PostgreSQL Dump Command

Location: packages/server/src/integrations/postgres.ts:529-531 Description The PostgreSQL integration constructs shell commands using user-controlled configuration values database name, host, password, etc. without proper sanitization. The password and other connection parameters are directly...

@budibase/server: Command Injection in PostgreSQL Dump Command

Location: packages/server/src/integrations/postgres.ts:529-531 Description The PostgreSQL integration constructs shell commands using user-controlled configuration values database name, host, password, etc. without proper sanitization. The password and other connection parameters are directly...

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code

A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the pgcrypto component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database...

postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code

A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...

Important: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...