ROS-20260429-73-0014

A vulnerability in the PostgreSQL database management system is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the context of the current user using specially crafted queries...

ROS-20260429-73-0012

A vulnerability in the pgtrgm component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

ROS-20260429-73-0015

A vulnerability in the PostgreSQL database management system is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the context of the current user using specially crafted queries...

ROS-20260429-73-0026

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0023

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0016

A vulnerability in the PostgreSQL database management system is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the context of the current user using specially crafted queries...

ROS-20260429-73-0013

A vulnerability in the PostgreSQL database management system is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the context of the current user using specially crafted queries...

ROS-20260429-73-0010

A vulnerability in the PostgreSQL database management system's oidvector data type handling function is related to reading beyond memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to expose server memory bytes and gain access to sensitive informat...

ROS-20260429-73-0004

A vulnerability in the PostgreSQL database management system's oidvector data type handling function is related to reading beyond memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to expose server memory bytes and gain access to sensitive informat...

ROS-20260429-73-0002

A vulnerability in the PostgreSQL database management system's oidvector data type handling function is related to reading beyond memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to expose server memory bytes and gain access to sensitive informat...

ROS-20260429-73-0018

A vulnerability in the PostgreSQL database management system is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the context of the current user using specially crafted queries...

ROS-20260429-73-0031

A vulnerability in the Intarray extension selectivity evaluation function of the PostgreSQL database management system is related to insufficient validation of the specified input data type. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the...

Exploit for CVE-2026-42167

ProFTPD Vulnerability POCs Proof-of-concept demonstrations fo...

[SECURITY] Fedora 44 Update: pgadmin4-9.14-3.fc44

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

[SECURITY] Fedora 44 Update: roundcubemail-1.7~rc6-1.fc44

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 43 Update: coturn-4.10.0-1.fc43

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

RUSTSEC-2026-0136 Command injection in Diesel's implementation of `COPY FROM`/`COPY TO`

Diesel allows users to configure various options for PostgreSQL's COPY FROM and COPY TO statements. These configurations are partially provided as strings or characters. Diesel did not check if any these user-provided options contain a quote character ', which can lead to the injection of...

GHSA-QMCV-HH7C-3M56 H2O-3 is Vulnerable to Code Injection

A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific...

H2O-3 is Vulnerable to Code Injection

A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific...

CVE-2026-3960

A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific...