116 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-32028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read...
TencentOS Server 3: postgresql (TSSA-2022:0181)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0181 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
ROS-2-522
2.522 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
Advisory ROSA-SA-2024-2501
Software: postgresql 12.20 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.20-1.rv3 CVE-ID: CVE-2021-32027 BDU-ID: 2021-02776 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to an operation exceeding buffer boundaries during array...
ROS-2-1437
2.1437 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
ROS-2-1316
2.1316 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
ROS-2-876
2.876 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2023-004)
The version of postgresql installed on the remote host is prior to 12.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL12-2023-004 advisory. A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL11-2023-003)
The version of postgresql installed on the remote host is prior to 11.12-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL11-2023-003 advisory. A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL13-2023-003)
The version of postgresql installed on the remote host is prior to 13.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL13-2023-003 advisory. A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let...
Important: postgresql
Issue Overview: A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as...
BELL-CVE-2021-32028 CVE-2021-32028 does not affect BellSoft software
Bulletin has no description...
GLSA-202211-04 : PostgreSQL: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202211-04 PostgreSQL: Multiple Vulnerabilities - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries...
Hitachi Energy MicroSCADA X DMS600
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Hitachi Energy Equipment: DMS600 Vulnerability: Reliance on Uncontrolled Component 2. RISK EVALUATION Successful exploitation of this vulnerabilities could allow an attacker to gain unauthorized access...
SUSE SLES15: libecpg6 / libpq5 / libpq5-32bit / postgresql12 / etc (SUSE-SU-2022:2958-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2958-1 advisory. - Upgrade to 12.12: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension...
SUSE: Security Advisory (SUSE-SU-2022:2958-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : postgresql:10 (RLSA-2021:2361)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2361 advisory. - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array...
Rocky Linux 8 : postgresql:9.6 (RLSA-2021:2360)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2360 advisory. - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array...
Rocky Linux 8 : postgresql:13 (RLSA-2021:2375)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2375 advisory. - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array...
Mageia: Security Advisory (MGASA-2021-0221)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...