37 matches found
MiracleLinux 7 : rh-postgresql10-postgresql-10.6-1.el7 (AXSA:2019-3615:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3615:01 advisory. postgresql: SQL injection in pgupgrade and pgdump, via CREATE TRIGGER ... REFERENCING CVE-2018-16850 Tenable has extracted the preceding description block...
RHEL 7 : rh-postgresql10-postgresql (RHSA-2018:3757)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3757 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version:...
BELL-CVE-2018-16850 CVE-2018-16850 does not affect BellSoft software
Bulletin has no description...
CVE-2019-16850
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none...
Mitsubishi Electric MELSEC iQ-R Series Uncontrolled Resource Consumption (CVE-2020-16850)
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to...
SUSE: Security Advisory (SUSE-SU-2018:3942-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-16850
creationtimestamp| type| source ---|---|--- 2020-12-01 00:53:26+00:00| seen| https://t.me/cibsecurity/16956 2023-12-18 14:09:55+00:00| seen| https://t.me/arpsyndicate/1999...
CVE-2020-16850
CVE-2020-16850 affects Mitsubishi Electric MELSEC iQ-R Series PLCs (firmware 49) and is caused by improper input validation. A crafted network packet can cause an unauthenticated remote DoS, halting the industrial process and requiring physical access to recover the device state. Documented affec...
Mitsubishi Electric MELSEC iQ-R Series (Update D)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...
CVE-2018-16850
A SQL Injection flaw has been discovered in PostgreSQL server in the way triggers that enable transition relations are dumped. The transition relation name is not correctly quoted and it may allow an attacker with CREATE privilege on some non-temporary schema or TRIGGER privilege on some table to...
EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2019-2297)
According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pgupgrade and pgdump via CREATE TRIGGER ... REFERENCING. Using a...
openSUSE Security Update : postgresql10 (openSUSE-2019-967)
This update for postgresql10 fixes the following issues : Security issue fixed : - CVE-2018-16850: Fixed improper quoting of transition table names when pgdump emits CREATE TRIGGER could have caused privilege escalation bsc1114837. Non-security issues fixed : - Update to release 10.6 : -...
SUSE SLED15 / SLES15 Security Update : postgresql10 (SUSE-SU-2018:3942-1)
This update for postgresql10 fixes the following issues : Security issue fixed : CVE-2018-16850: Fixed improper quoting of transition table names when pgdump emits CREATE TRIGGER could have caused privilege escalation bsc1114837. Non-security issues fixed: Update to release 10.6 : -...
SUSE SLED12 / SLES12 Security Update : postgresql10 (SUSE-SU-2018:3770-2)
This update for postgresql10 fixes the following issues : Security issue fixed : CVE-2018-16850: Fixed improper quoting of transition table names when pgdump emits CREATE TRIGGER could have caused privilege escalation bsc1114837. Non-security issues fixed: Update to release 10.6 : -...
SUSE-SU-2018:3770-2 Security update for postgresql10
This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2018-16850: Fixed improper quoting of transition table names when pgdump emits CREATE TRIGGER could have caused privilege escalation bsc1114837. Non-security issues fixed: - Update to release 10.6:...
Security fix for the ALT Linux 8 package postgresql10 version 10.6-alt0.M80P.1
10.6-alt0.M80P.1 built Dec. 11, 2018 Alexei Takaseev in task 216249 Nov. 8, 2018 Alexei Takaseev - 10.6 - Fixes CVE-2018-16850 - Add conflict to PG 11...
openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2018:4031-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : postgresql10 (openSUSE-2018-1493)
This update for postgresql10 fixes the following issues : Security issue fixed : - CVE-2018-16850: Fixed improper quoting of transition table names when pgdump emits CREATE TRIGGER could have caused privilege escalation bsc1114837. Non-security issues fixed : - Update to release 10.6 : -...
Security update for postgresql10 (moderate)
This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2018-16850: Fixed improper quoting of transition table names when pgdump emits CREATE TRIGGER could have caused privilege escalation bsc1114837. Non-security issues fixed: - Update to release 10.6:...
Important: Red Hat Security Advisory: rh-postgresql10-postgresql security update
An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...