14 matches found
Astra Linux - уязвимость в postgresql-11
A vulnerability was discovered in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the...
K000160103: PostgreSQL vulnerability CVE-2022-2625
Security Advisory Description A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait...
SUSE CVE-2022-2625
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...
Security Bulletin: IBM® Db2® is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. (CVE-2022-22483)
Summary IBM® Db2® is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. Vulnerability Details CVEID:CVE-2022-22483 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5,...
CVE-2022-22483
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979...
CVE-2022-22483
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979...
CVE-2022-22483
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979...
PT-2022-15463 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows versions 9.7, 10.1, 10.5, 11.1, and 11.5 Description: The issue is related to an information disclosure due to unauthorized access caused by improper privilege management when the CREATE OR REPLACE command ...
CVE-2022-22483
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979...
AZL-10595 CVE-2022-2625 affecting package postgresql for versions less than 14.5-1
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...
CVE-2022-2625
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...
Vulnerability in core server (CVE-2022-2625)
Extension scripts replace objects not belonging to the extension Some extensions use CREATE OR REPLACE or CREATE IF NOT EXISTS commands. Some don't adhere to the documented rule to target only objects known to be extension members already. An attack requires permission to create non-temporary...
PostgreSQL 8.3.6 Low Cost Function Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34069/info PostgreSQL is prone to an information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. PostgreSQL 8.3.6 is vulnerable; other...
Design/Logic Flaw
Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the...