79 matches found
Oracle Linux 9 : postgresql-jdbc (ELSA-2023-0318)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-0318 advisory. - fix for CVE-2022-31197 Tue Aug 10 2021 Mohan Boddu Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...
Fedora 36 : postgresql-jdbc (2022-d7d49b2fac)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-d7d49b2fac advisory. Security fix for CVE-2022-31197 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
SUSE SLES15 / openSUSE 15 Security Update : postgresql-jdbc (SUSE-SU-2022:3613-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3613-1 advisory. - CVE-2022-31197: Fixed SQL injection vulnerability bsc1202170. Tenable has extracted the preceding description block directly...
Debian dla-3140 : libpostgresql-jdbc-java - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3140 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3140-1 [email protected] https://www.debian.org/lts/security/...
SUSE SLES15 / openSUSE 15 Security Update : postgresql-jdbc (SUSE-SU-2022:3537-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3537-1 advisory. - CVE-2022-31197: Fixed SQL injection vulnerability bsc1202170. Tenable has extracted the preceding description block directly...
FreeBSD : puppetdb -- Potential SQL injection (aeb4c85b-3600-11ed-b52d-589cfc007716)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the aeb4c85b-3600-11ed-b52d-589cfc007716 advisory. - PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database usin...
USN-5238-1 libpgjava vulnerability
It was discovered that PostgreSQL JDBC Driver incorrectly handled certain requests from external entities. A remote attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code...
[SECURITY] [DSA 5196-1] libpgjava security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5196-1 [email protected] https://www.debian.org/security/ Markus Koschany July 31, 2022 https://www.debian.org/security/faq -...
Debian DSA-5196-1 : libpgjava - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5196 advisory. - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 - pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in th...
OESA-2022-1535 postgresql-jdbc security update
PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is the...
AlmaLinux 8 : postgresql-jdbc (ALSA-2020:3176)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:3176 advisory. - PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE. CVE-2020-13692 Note that Nessus has not tested for this issue but has instead relied only on the...
CVE-2022-21724 Unchecked Class Instantiation when providing Plugin Classes
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based o...
Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities (CVE-2016-3506, CVE-2020-13692)
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2016-3506 DESCRIPTION: An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to take...
CVE-2020-13692
PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE...
DEBIAN-CVE-2020-13692
PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE...
CVE-2020-13692
PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE...
UBUNTU-CVE-2020-13692
PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE...
CVE-2020-13692
PostgreSQL JDBC Driver aka PgJDBC before 42.2.13 allows XXE...
PT-2012-3386 · Postgresql · Postgresql Jdbc Driver
Name of the Vulnerable Software and Affected Versions: PostgreSQL JDBC driver versions prior to 8.2 Description: The issue arises from an interaction error in the PostgreSQL JDBC driver when used with a PostgreSQL server that has the "standard conforming strings" option enabled. This error allows...