ROS-2-1989

2.1989 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

ROS-2-1722

2.1722 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

ROS-2-1972

2.1972 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

ROS-2-1947

2.1947 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

Vulnerabilities fixed in PostgreSQL

Vulnerabilities have been fixed in PostgreSQL. The vulnerabilities allow a remote malicious party to cause a denial-of-service to potentially access sensitive data as a result. PostgreSQL has released a new version to address the vulnerabilities. fixes. More information can be found on the page...

openSUSE 15 Security Update : postgresql10 (openSUSE-SU-2021:1970-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1970-1 advisory. - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certai...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : PostgreSQL vulnerabilities (USN-4472-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4472-1 advisory. Noah Misch discovered that PostgreSQL incorrectly handled the searchpath setting when used with logical replication. A remote...

Vulnerabilities fixed in PostgreSQL

Two vulnerabilities have been fixed in PostgreSQL. Both vulnerabilities allow a locally authenticated malicious person to able to execute arbitrary SQL commands under the privileges of a superuser on the database. PostgreSQL has released updates to address the vulnerabilities. fix. More informati...

CVE-2015-0243

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors...

Ubuntu 16.04 LTS / 18.04 LTS : PostgreSQL vulnerabilities (USN-4090-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4090-1 advisory. Tom Lane discovered that PostgreSQL did not properly restrict functions declared as SECURITY DEFINER. An attacker could use this to execute...

Multiple vulnerabilities in the PostgreSQL database management system, caused by buffer overflows in the stack, allow attackers to execute arbitrary code.

The multiple vulnerabilities in the PostgreSQL database management system are caused by buffer overflows on the stack. Exploitation of these vulnerabilities allows a remote attacker to execute arbitrary code...

MGASA-2018-0446 Updated postgresql9.4|6 packages fix security vulnerabilities

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database CVE-2018-1058. Postgresql 9.6.x before 9.6.9 is vulnerable in the adminpac...

PostgreSQL Multiple Vulnerabilities (Aug 2018) - Linux

PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...

PostgreSQL Multiple Vulnerabilities (Aug 2018) - Windows

PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...

USN-3390-1 postgresql-9.3, postgresql-9.5, postgresql-9.6 vulnerabilities

Ben de Graaff, Jelte Fennema, and Jeroen van der Ham discovered that PostgreSQL allowed the use of empty passwords in some authentication methods, contrary to expected behaviour. A remote attacker could use an empty password to authenticate to servers that were believed to have password login...

Debian: Security Advisory (DSA-3935-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : PostgreSQL vulnerabilities (USN-2772-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2772-1 advisory. Josh Kupershmidt discovered the pgCrypto extension could expose several bytes of server memory if the crypt function was provided a too-short salt. An...

USN-1542-1: PostgreSQL vulnerabilities

Peter Eisentraut discovered that the XSLT functionality in the optional XML2 extension would allow unprivileged database users to both read and write data with the privileges of the database server. CVE-2012-3488 Noah Misch and Tom Lane discovered that the XML functionality in the optional XML2...

Ubuntu Update for PostgreSQL vulnerabilities USN-942-1

Ubuntu Update for Linux kernel vulnerabilities USN-942-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9421.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for PostgreSQL vulnerabilities USN-942-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu Update for PostgreSQL vulnerabilities USN-876-1

Ubuntu Update for Linux kernel vulnerabilities USN-876-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN8761.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for PostgreSQL vulnerabilities USN-876-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...