Vulnerability in core server (CVE-2026-2003)
PostgreSQL oidvector discloses a few bytes of memory. Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they...
openSUSE 16 Security Update : orthanc, gdcm, orthanc-authorization, orthanc-dicomweb, orthanc-gdcm, orthanc-indexer, orthanc-mysql, orthanc-neuro, orthanc-postgresql, orthanc-python, orthanc-stl, orthanc-tcia, orthanc-wsi, python-pyorthanc (openSUSE-SU-2026:20193-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20193-1 advisory. Changes in orthanc: - dcmtk 370 breaks TW build - switch to lua 5.4 - patch out boost component system from framework - version 1.12.10 ' long...
PostgreSQL Security Vulnerability
PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Security vulnerabilities existed in versions prior to PostgreSQL...
OPENSUSE-SU-2026:10191-1 postgresql15-15.16-1.1 on GA media
These are all security issues fixed in the postgresql15-15.16-1.1 package on the GA media of openSUSE Tumbleweed...
KLA90883 PE vulnerability in PostgreSQL
Heap buffer overflow vulnerability was found in PostgreSQL. Malicious users can exploit this vulnerability to cause denial of service, gain privileges. Original advisories PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory Exploitation Related products PostgreSQL CVE list...
PostgreSQL Security Vulnerability
PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Security vulnerabilities existed in versions prior to PostgreSQL...
DSA-6133-1 postgresql-17 - security update
Bulletin has no description...
OPENSUSE-SU-2026:10190-1 postgresql14-14.21-1.1 on GA media
These are all security issues fixed in the postgresql14-14.21-1.1 package on the GA media of openSUSE Tumbleweed...
DSA-6132-1 postgresql-15 - security update
Bulletin has no description...
PostgreSQL Security Vulnerability
PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Vulnerabilities existed in versions prior to PostgreSQL 18.2, 17....
Linux Distros Unpatched Vulnerability : CVE-2026-2007
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over th...
PostgreSQL Security Vulnerability
PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Security vulnerabilities existed in versions prior to PostgreSQL...
Vulnerability in contrib module (CVE-2026-2007)
PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory. Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the...
KLA90882 Multiple vulnerabilities in PostgreSQL
Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Improper validation vulnerability in PostgreSQL can be used to...
CVE-2026-2361
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2361
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2360
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and placing malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...
UBUNTU-CVE-2026-2361
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2361 Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user with create privilege to gain superuser privileges
PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then called, the malicious code is executed with superuser privileges. This...
CVE-2026-2361
CVE-2026-2361 affects PostgreSQL Anonymizer. A user can gain superuser privileges by creating a temporary view that includes a function with malicious code; when anon.get_tablesample_ratio runs, the code executes with superuser privileges. This requires CREATE privilege in PostgreSQL 15+ and is m...