CVE-2024-5532

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system...

Advisory ROSA-SA-2024-2501

Software: postgresql 12.20 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.20-1.rv3 CVE-ID: CVE-2021-32027 BDU-ID: 2021-02776 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to an operation exceeding buffer boundaries during array...

Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-012)

The version of postgresql installed on the remote host is prior to 14.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-012 advisory. Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary...

Amazon Linux 2 : libpq (ALASPOSTGRESQL12-2024-012)

The version of libpq installed on the remote host is prior to 12.20-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-012 advisory. Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL...

Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2024-011)

The version of postgresql installed on the remote host is prior to 12.20-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-011 advisory. Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary...

GLSA-202409-02 : PostgreSQL: Privilege Escalation

The remote host is affected by the vulnerability described in GLSA-202409-02 PostgreSQL: Privilege Escalation A vulnerability has been discovered in PostgreSQL. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the...

OPENSUSE-SU-2024:14348-1 postgresql12-12.20-1.1 on GA media

These are all security issues fixed in the postgresql12-12.20-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE SLES12 Security Update : postgresql16 (SUSE-SU-2024:3191-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3191-1 advisory. - Upgrade to 12.20 bsc1229013 - CVE-2024-7348: PostgreSQL relation replacement during pgdump executes arbitrary SQL. bsc1229013 Tenable has...

SUSE: Security Advisory (SUSE-SU-2024:3153-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2024-1977 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

CVE-2024-7348

A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the R...

CVE-2024-7348

Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...

CVE-2024-7348 PostgreSQL relation replacement during pg_dump executes arbitrary SQL

Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...

HP Performance Center Cross-Site Scripting Vulnerability

HP Performance Center is a suite of performance load testing software from Hewlett Packard Enterprise HPE. A cross-site scripting vulnerability exists in HP Performance Center version 12.20, which stems from the program failing to filter user-submitted input. A remote attacker could use this...

CVE-2017-14359

CVE-2017-14359 describes a cross-site scripting vulnerability in HPE Performance Center 12.20 . The issue arises from the product failing to filter user-submitted input, enabling a remote attacker to execute script code in the context of an affected web interface. Connected documents corroborate ...

CVE-2017-14359 MFSBGN03788 rev.1 - HPE Performance Center, Remote Cross-Site Scripting (XSS)

A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting...