84 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m. | 4 views

MiracleLinux 8 : postgresql:13 (AXSA:2024-7390:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7390:01 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

CVSS 8.8 | AI score 8.3 | EPSS 0.04322 | Exploits: 0 | References: 5

Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 8 : postgresql:12 (AXSA:2024-7394:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7394:01 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

CVSS 8.8 | AI score 8 | EPSS 0.04322 | Exploits: 0 | References: 5

IBM Security Bulletins
added 2025/10/29 11:11 a.m. | 13 views

Security Bulletin: CVE-2023-39417: Extension script @substitutions@ within quoting allow SQL injection

Summary: An extension script is vulnerable if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). No bundled extension is vulnerable. Vulnerable uses do appear in a documentation example and in non-bundled extensions. Hence, the attack...

CVSS 8.8 | AI score 8.9 | EPSS 0.01572 | Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2025/10/29 10:24 a.m. | 6 views

Security Bulletin: CVE-2023-39417 - Extension script @substitutions@ within quoting allow SQL injection

Summary: IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker...

CVSS 8.8 | AI score 8.3 | EPSS 0.01572 | Exploits: 0 | Affected Software: 1

Rosalinux
added 2025/03/01 9:32 p.m. | 8 views

Advisory ROSA-SA-2025-2743

Software: postgresql14 14.13
OS: ROSA Virtualization 3.0
packageevrstring: postgresql14-14.13-2PGDG.0.1.rv30
CVE-ID: CVE-2023-2454
BDU-ID: 2023-03247
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Schema Handler component of the PostgreSQL database management system is related to access...

CVSS 8.8 | AI score 7.9 | EPSS 0.04322 | Exploits: 0

Rosalinux
added 2024/10/03 8:57 p.m. | 24 views

Advisory ROSA-SA-2024-2486

Software: postgresql15 15.7
OS: rosa-server79
packageevrstring: postgresql15-15.7-1PGDG.res7
CVE-ID: CVE-2023-39418
BDU-ID: 2023-04768
CVE-Crit: LOW
CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to access delimitation flaws. Exploitation of the vulnerability...

CVSS 8.8 | AI score 8.3 | EPSS 0.04322 | Exploits: 0

Rosalinux
added 2024/10/03 8:55 p.m. | 29 views

Advisory ROSA-SA-2024-2485

Software: postgresql14 14.12
OS: rosa-server79
packageevrstring: postgresql14-14.12-1PGDG.res7
CVE-ID: CVE-2022-41862
BDU-ID: 2023-02003
CVE-Crit: LOW
CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to information disclosure. Exploitation of the vulnerability...

CVSS 8.8 | AI score 7.8 | EPSS 0.04322 | Exploits: 0

Tenable Nessus
added 2024/08/30 12:0 a.m. | 21 views

Oracle Linux 9 : postgresql:15 (ELSA-2024-6020)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6020 advisory. - Fix CVE-2024-0985 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 - Fixes CVE-2023-2454 and CVE-2023-2455...

CVSS 8.8 | AI score 6.6 | EPSS 0.04322 | Exploits: 0 | References: 3

Tenable Nessus
added 2024/07/24 12:0 a.m. | 18 views

Photon OS 4.0: Postgresql13 PHSA-2023-4.0-0450

An update of the postgresql13 package has been released.

CVSS 8.8 | AI score 7.8 | EPSS 0.01572 | Exploits: 0 | References: 2

Broadcom
added 2024/04/16 12:0 a.m. | 34 views

Extension script @substitutions@ within quoting allow SQL injection (CVE-2023-39417)

An extension script is vulnerable if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). No bundled extension is vulnerable. Vulnerable uses do appear in a documentation example and in non-bundled extensions. Hence, the attack prerequisite is ...

CVSS 7.5 | AI score 7.9 | EPSS 0.01572 | Exploits: 0 | Affected Software: 1

OpenVAS
added 2024/03/04 12:0 a.m. | 24 views

openSUSE: Security Advisory for postgresql15 (SUSE-SU-2023:3347-1)

The remote host is missing an update for the...

CVSS 8.8 | AI score 7.2 | EPSS 0.01572 | Exploits: 0 | References: 2

OpenVAS
added 2024/03/04 12:0 a.m. | 20 views

openSUSE: Security Advisory for postgresql15 (SUSE-SU-2023:3384-1)

The remote host is missing an update for the...

CVSS 8.8 | AI score 8.6 | EPSS 0.01572 | Exploits: 0 | References: 2

OpenVAS
added 2024/03/04 12:0 a.m. | 25 views

openSUSE: Security Advisory for postgresql15 (SUSE-SU-2023:3348-1)

The remote host is missing an update for the...

CVSS 8.8 | AI score 8.6 | EPSS 0.01572 | Exploits: 0 | References: 2

OpenVAS
added 2024/03/04 12:0 a.m. | 19 views

openSUSE: Security Advisory for postgresql15 (SUSE-SU-2023:3344-1)

The remote host is missing an update for the...

CVSS 8.8 | AI score 8.6 | EPSS 0.01572 | Exploits: 0 | References: 2

CBLMariner
added 2024/01/14 10:46 p.m. | 13 views

CVE-2023-39417 affecting package postgresql for versions less than 14.10-1

CVE-2023-39417 affecting package postgresql for versions less than 14.10-1. An upgraded version of the package is available that resolves this issue...

CVSS 8.8 | AI score 9.2 | EPSS 0.01572 | Exploits: 0

IBM Security Bulletins
added 2024/01/09 8:27 p.m. | 61 views

Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access.

Summary: There were multiple Security Vulnerabilities that were reported against IBM Security Verify Access. These have been addressed in IBM Security Verify Access 10.0.7.0. Vulnerability Details: CVEID: CVE-2022-45688 DESCRIPTION: Hutool is vulnerable to a denial of service, caused by stack-based...

CVSS 9.8 | AI score 10 | EPSS 0.99615 | Exploits: 23 | Affected Software: 1

Tenable Nessus
added 2024/01/09 12:0 a.m. | 27 views

CentOS 8 : postgresql:12 (CESA-2023:7714)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7714 advisory. - IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quotin...

CVSS 8.8 | AI score 7.6 | EPSS 0.04322 | Exploits: 0 | References: 5

IBM Security Bulletins
added 2024/01/03 3:50 p.m. | 67 views

Security Bulletin: Extension script @substitutions@ within quoting allow SQL injection in EDB PostgresSQL

Summary: Per CVE-2023-39417, extension script @substitutions@ within quoting allow SQL injection in EDB PostgreSQL with IBM, EDB Postgres Advanced Server with IBM and IBM Data Management Platform for EDB Postgres Enterprise for IBM Cloud Pak for Data. Vulnerability Details: CVEID: CVE-2023-39417...

CVSS 8.8 | AI score 8.6 | EPSS 0.01572 | Exploits: 0 | Affected Software: 3

Tenable Nessus
added 2023/12/22 12:0 a.m. | 48 views

AlmaLinux 8 : postgresql:15 (ALSA-2023:7884)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7884 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-58...

CVSS 8.8 | AI score 6.9 | EPSS 0.04322 | Exploits: 0 | References: 6

RedHat Linux
added 2023/12/20 9:43 a.m. | 39 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...

CVSS 8.8 | AI score 6.8 | EPSS 0.04322 | Exploits: 0 | References: 6