Lucene search

554 matches found

SUSE Linux
added 2024/11/28 12:24 p.m. | 1 view

Security update for postgresql14

This update for postgresql14 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference (bsc#1233323). CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...

CVSS 8.8 | AI score 7.4 | EPSS 0.06356
Exploits: 1 | References: 16
Microsoft CVE
added 2024/11/23 8:0 a.m. | 3 views

PostgreSQL libpq retains an error message from man-in-the-middle

...

CVSS 3.7 | AI score 6.3 | EPSS 0.00345
Exploits: 0
OSV
added 2024/11/22 2:21 p.m. | 5 views

OESA-2024-2427 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

CVSS 8.8 | AI score 8.3 | EPSS 0.06356
Exploits: 1 | References: 6
RedHat Linux
added 2024/11/19 1:27 a.m. | 2 views

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

CVSS 6.5 | AI score 6.7 | EPSS 0.00222
Exploits: 1 | References: 4
OSV
added 2024/11/12 6:15 p.m. | 2 views

CVE-2024-49003

SQL Server Native Client Remote Code Execution Vulnerability...

CVSS 8.8 | AI score 5.9 | EPSS 0.04025
Exploits: 0 | References: 1
OSV
added 2024/11/12 6:15 p.m. | 2 views

CVE-2024-49005

SQL Server Native Client Remote Code Execution Vulnerability...

CVSS 8.8 | AI score 5.9 | EPSS 0.04025
Exploits: 0 | References: 1
OSV
added 2024/11/12 6:15 p.m. | 2 views

CVE-2024-49001

SQL Server Native Client Remote Code Execution Vulnerability...

CVSS 8.8 | AI score 5.9 | EPSS 0.04025
Exploits: 0 | References: 1
OpenVAS
added 2024/10/28 12:0 a.m. | 14 views

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2779)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 6.5 | AI score 7.7 | EPSS 0.00222
Exploits: 1 | References: 2
OpenVAS
added 2024/10/28 12:0 a.m. | 10 views

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2761)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 6.5 | AI score 7.7 | EPSS 0.00222
Exploits: 1 | References: 2
Tenable Nessus
added 2024/10/27 12:0 a.m. | 8 views

Fortinet FortiWeb Buffer overflow in TFTP client library of CLI (FG-IR-21-173)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-173 advisory. - A buffer overflow (CWE-121) in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an...

CVSS 6.7 | AI score 7.6 | EPSS 0.00073
Exploits: 0 | References: 2
Tenable Nessus
added 2024/10/16 12:0 a.m. | 18 views

Amazon Linux 2 : python-urllib3 (ALAS-2024-2653)

The version of python-urllib3 installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2653 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...

CVSS 6.5 | AI score 6.7 | EPSS 0.00222
Exploits: 1 | References: 4
Tenable Nessus
added 2024/10/16 12:0 a.m. | 8 views

Amazon Linux 2 : python-pip (ALAS-2024-2652)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2652 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However,...

CVSS 6.5 | AI score 6.7 | EPSS 0.00222
Exploits: 1 | References: 4
OpenVAS
added 2024/10/09 12:0 a.m. | 12 views

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2541)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 6.5 | AI score 7.7 | EPSS 0.00222
Exploits: 1 | References: 2
Tenable Nessus
added 2024/10/09 12:0 a.m. | 9 views

EulerOS 2.0 SP12 : python-urllib3 (EulerOS-SA-2024-2516)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

CVSS 6.5 | AI score 6.8 | EPSS 0.00222
Exploits: 1 | References: 2
Tenable Nessus
added 2024/09/12 12:0 a.m. | 17 views

EulerOS 2.0 SP9 : python-pip (EulerOS-SA-2024-2379)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect...

CVSS 6.5 | AI score 6.7 | EPSS 0.00222
Exploits: 1 | References: 3
CNVD
added 2024/09/12 12:0 a.m. | 5 views

Siemens SICAM and SITIPE Products Third-Party Component Buffer Overflow Vulnerability

The SICAM 8 power automation platform is a universal, hardware and software based, all-in-one solution for all applications in the power sector. The SICAM A8000 RTUs (Remote Terminal Units) are modular devices for remote control and automation applications in all areas of energy supply. SICAM EGS...

CVSS 8.2 | AI score 7.2 | EPSS 0.00091
Exploits: 0 | References: 1
Tenable Nessus
added 2024/09/12 12:0 a.m. | 19 views

EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2024-2451)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect...

CVSS 8.1 | AI score 6.8 | EPSS 0.0095
Exploits: 1 | References: 4
OSV
added 2024/09/10 5:15 p.m. | 2 views

CVE-2024-37335

Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability...

CVSS 8.8 | AI score 5.9 | EPSS 0.04086
Exploits: 0 | References: 1
IBM Security Bulletins
added 2024/09/05 6:7 p.m. | 33 views

Security Bulletin: Vulnerability in Google OAuth Client Library affects watsonx.data

Summary: Google OAuth Client Library for Java could allow a remote attacker to bypass security restrictions, caused by improper verification of token signatures. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass verification on the client side or to gai...

CVSS 9.1 | AI score 8.1 | EPSS 0.00091
Exploits: 1 | Affected Software: 1
Tenable Nessus
added 2024/08/30 12:0 a.m. | 28 views

CBL Mariner 2.0 Security Update: python-pip / python-urllib3 / python3 (CVE-2023-45803)

The version of python-pip / python-urllib3 / python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45803 advisory. - urllib3 is a user-friendly HTTP client library for Python. urllib3 previously...

CVSS 4.2 | AI score 6.8 | EPSS 0.00056
Exploits: 0 | References: 2