MiracleLinux 8 : postgresql:13 (AXSA:2024-7390:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7390:01 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

MiracleLinux 8 : postgresql:12 (AXSA:2024-7394:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7394:01 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

TencentOS Server 3: postgresql:13 (TSSA-2023:0309)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0309 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Advisory ROSA-SA-2025-2665

software: postgresql 12.16 WASP: ROSA-CHROME packageevrstring: postgresql-12.16 CVE-ID: CVE-2023-5868 BDU-ID: 2023-07905 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to the lack of service data protection in function calls with aggregation...

CBL Mariner 2.0 Security Update: postgresql (CVE-2023-5870)

The version of postgresql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5870 advisory. - A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers,...

CVE-2023-5870 affecting package postgresql for versions less than 14.14-1

CVE-2023-5870 affecting package postgresql for versions less than 14.14-1. An upgraded version of the package is available that resolves this issue...

Advisory ROSA-SA-2024-2501

Software: postgresql 12.20 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.20-1.rv3 CVE-ID: CVE-2021-32027 BDU-ID: 2021-02776 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to an operation exceeding buffer boundaries during array...

Advisory ROSA-SA-2024-2486

Software: postgresql15 15.7 OS: rosa-server79 packageevrstring: postgresql15-15.7-1PGDG.res7 CVE-ID: CVE-2023-39418 BDU-ID: 2023-04768 CVE-Crit: LOW CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to access delimitation flaws. Exploitation of the vulnerability...

Advisory ROSA-SA-2024-2485

Software: postgresql14 14.12 OS: rosa-server79 packageevrstring: postgresql14-14.12-1PGDG.res7 CVE-ID: CVE-2022-41862 BDU-ID: 2023-02003 CVE-Crit: LOW CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to information disclosure. Exploitation of the vulnerability...

Oracle Linux 9 : postgresql:15 (ELSA-2024-6020)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6020 advisory. - Fix CVE-2024-0985 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 - Fixes CVE-2023-2454 and CVE-2023-2455...

Photon OS 4.0: Postgresql14 PHSA-2023-4.0-0513

An update of the postgresql14 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0513. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

RHEL 7 : postgresql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 - A flaw was found in PostgreSQL...

CVE-2023-5870 affecting package postgresql for versions less than 16.3-1

CVE-2023-5870 affecting package postgresql for versions less than 16.3-1. A patched version of the package is available...

Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to a denial of service due to PostgreSQL (CVE-2023-5870)

Summary IBM Connect:Direct Web Services uses PostgreSQL. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-5870 DESCRIPTION: PostgreSQL is vulnerable to a denial of service, caused by a flaw in the pgsignalbackend role. By sending a...

USN-6538-1: PostgreSQL vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information...

Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2024-1289)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for postgresql, postgresql15, postgresql16 (SUSE-SU-2023:4495-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for postgresql14 (SUSE-SU-2023:4479-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for postgresql13 (SUSE-SU-2023:4455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for postgresql12 (SUSE-SU-2023:4454-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...