Lucene search
K

129 matches found

BDU FSTEC
BDU FSTEC
added 2022/09/28 12:0 a.m.5 views

The vulnerability of the ST_AsX3D function in the PostgreSQL PostGIS geographic object processing module allows a attacker to cause a service failure.

The vulnerability of the STAsX3D function in the PostgreSQL PostGIS geographic object processing module is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to cause service failures...

7.8CVSS7.2AI score0.03046EPSS
Exploits1References8Affected Software2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.5 views

Mageia: Security Advisory (MGASA-2015-0207)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References12
Debian
Debian
added 2021/12/29 9:35 p.m.11 views

[SECURITY] [DLA 2857-2] postgis regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2857-2 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 29, 2021 https://wiki.debian.org/LTS -...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2021/12/29 12:0 a.m.15 views

Debian: Security Advisory (DLA-2857-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.03046EPSS
Exploits1References4
OSV
OSV
added 2021/12/29 12:0 a.m.9 views

DLA-2857-2 postgis - regression update

Bulletin has no description...

7.2AI score
Exploits0
OSV
OSV
added 2021/12/28 12:0 a.m.24 views

DLA-2857-1 postgis - security update

Bulletin has no description...

7.5CVSS7.4AI score0.03046EPSS
Exploits1
Debian
Debian
added 2021/12/27 10:5 p.m.28 views

[SECURITY] [DLA 2857-1] postgis security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2857-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 28, 2021 https://wiki.debian.org/LTS -...

7.5CVSS7.5AI score0.03046EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/12/27 12:0 a.m.23 views

Debian DLA-2857-1 : postgis - LTS security update

"The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2857 advisory. - PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnorma...

7.5CVSS7.2AI score0.03046EPSS
Exploits1References5
ossfuzz
ossfuzz
added 2019/10/11 11:23 p.m.14 views

postgis:wkb_import_fuzzer: Crash in double_from_wkb_state

Project: https://git.osgeo.org/gitea/postgis/postgis.git Detailed Report: https://oss-fuzz.com/testcase?key=5764682215849984 Project: postgis Fuzzing Engine: libFuzzer Fuzz Target: wkbimportfuzzer Job Type: libfuzzerubsanpostgis Platform Id: linux Crash Type: UNKNOWN READ Crash Address:...

6.4AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/09/22 5:2 p.m.16 views

postgis:wkb_import_fuzzer: Heap-buffer-overflow in integer_from_wkb_state

Project: https://git.osgeo.org/gitea/postgis/postgis.git Detailed Report: https://oss-fuzz.com/testcase?key=5760493611909120 Project: postgis Fuzzing Engine: libFuzzer Fuzz Target: wkbimportfuzzer Job Type: libfuzzerasanpostgis Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/08/21 12:21 p.m.17 views

postgis:wkb_import_fuzzer: Heap-buffer-overflow in byte_from_wkb_state

Project: https://git.osgeo.org/gitea/postgis/postgis.git Detailed Report: https://oss-fuzz.com/testcase?key=5686969597689856 Project: postgis Fuzzing Engine: afl Fuzz Target: wkbimportfuzzer Job Type: aflasanpostgis Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

6.6AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/02/01 12:0 a.m.38 views

Debian DLA-1653-1 : postgis security update

It was found that the function STAsX3D in PostGIS, a module that adds spatial objects to the PostgreSQL object-relational database, did not handle empty values properly, allowing malicious users to cause denial of service or possibly other unspecified behaviour. For Debian 8 'Jessie', this proble...

7.5CVSS7.1AI score0.03046EPSS
Exploits1References3
Debian
Debian
added 2019/01/31 6:40 p.m.154 views

[SECURITY] [DLA 1653-1] postgis security update

Package : postgis Version : 2.1.4+dfsg-3+deb8u1 CVE ID : CVE-2017-18359 It was found that the function STAsX3D in PostGIS, a module that adds spatial objects to the PostgreSQL object-relational database, did not handle empty values properly, allowing malicious users to cause denial of service or...

7.5CVSS7.7AI score0.03046EPSS
Exploits1
OpenVAS
OpenVAS
added 2019/01/31 12:0 a.m.111 views

Debian: Security Advisory (DLA-1653-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.03046EPSS
Exploits1References3
OSV
OSV
added 2019/01/31 12:0 a.m.18 views

DLA-1653-1 postgis - security update

Bulletin has no description...

7.5CVSS7.4AI score0.03046EPSS
Exploits1
Prion
Prion
added 2019/01/25 5:29 a.m.20 views

Input validation

PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...

5CVSS7.3AI score0.03046EPSS
Exploits1References5Affected Software2
UbuntuCve
UbuntuCve
added 2019/01/25 5:29 a.m.29 views

CVE-2017-18359

PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...

7.5CVSS7.1AI score0.03046EPSS
Exploits1References4
NVD
NVD
added 2019/01/25 5:29 a.m.22 views

CVE-2017-18359

PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...

7.5CVSS7.4AI score0.03046EPSS
Exploits1References5
OSV
OSV
added 2019/01/25 5:29 a.m.4 views

UBUNTU-CVE-2017-18359

PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...

7.5CVSS7.1AI score0.03046EPSS
Exploits1References5
OSV
OSV
added 2019/01/25 5:29 a.m.7 views

CVE-2017-18359

PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...

7.5CVSS7.3AI score
Exploits0References5
Rows per page
Query Builder