Linux Distros Unpatched Vulnerability : CVE-2026-2007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over th...

ROS-20260129-73-0029

A vulnerability in the CREATE STATISTICS function of the PostgreSQL database management system is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Azure Linux 3.0 Security Update: postgresql (CVE-2024-10979)

The version of postgresql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10979 advisory. - Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to...

MiracleLinux 9 : postgresql:15 (AXSA:2026-062:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-062:01 advisory. postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer...

MiracleLinux 8 : postgresql:16 (AXSA:2026-061:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-061:01 advisory. postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer...

MiracleLinux 7 : rh-postgresql13-postgresql-13.7-1.el7 (AXSA:2022-3205:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3205:01 advisory. postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox CVE-2022-1552 Tenable has extracted the preceding description block...

MiracleLinux 7 : postgresql-9.2.24-6.el7 (AXSA:2021-1738:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1738:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...

MiracleLinux 8 : postgresql:12 (AXSA:2022-2992:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2992:01 advisory. postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214...

MiracleLinux 7 : postgresql-9.2.24-7.el7 (AXSA:2021-1996:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1996:03 advisory. postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 Tenable has extracted the preceding description block...

MiracleLinux 7 : postgresql-9.2.23-1.el7 (AXSA:2017-2243:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2243:02 advisory. It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty...

MiracleLinux 7 : rh-postgresql10-postgresql-10.6-1.el7 (AXSA:2019-3615:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3615:01 advisory. postgresql: SQL injection in pgupgrade and pgdump, via CREATE TRIGGER ... REFERENCING CVE-2018-16850 Tenable has extracted the preceding description block...

MiracleLinux 4 : postgresql92-postgresql-9.2.14-1.AXS4 (AXSA:2015-566:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-566:02 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll nee...

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.14-1.AXS4 (AXSA:2017-2281:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2281:02 advisory. It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty...

CVE-2017-8806 vulnerabilities

Vulnerabilities for packages: postgresql...

postgresql:13 security update

An update is available for pgrepack, module.postgresql, module.pgaudit, postgresql, postgres-decoderbufs, module.pgrepack, module.postgres-decoderbufs, pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

MiracleLinux 9 : libpq-13.23-1.el9_7 (AXSA:2026-033:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-033:01 advisory. postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 Tenable has extracted the preceding description block directly from the...

RockyLinux 8 : postgresql:15 (RLSA-2026:0524)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0524 advisory. postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound...

MiracleLinux 9 : postgresql-13.20-1.el9_5 (AXSA:2025-9698:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9698:02 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...

CVE-2020-10733

The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add fil...

Moderate: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...