SUSE-SU-2026:20146-1 Security update for php8

This update for php8 fixes the following issues: Version update to 8.4.16: Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. - CVE-2025-14178: heap buffer overflow occurs in...

php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement

A flaw was found in PHP. When the PDO PHP Data Objects PostgreSQL driver is configured with PDO::ATTREMULATEPREPARES enabled, a remote attacker can exploit a vulnerability by providing an invalid character sequence within a prepared statement parameter. This can cause a null pointer dereference,...

Important: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement

A flaw was found in PHP. When the PDO PHP Data Objects PostgreSQL driver is configured with PDO::ATTREMULATEPREPARES enabled, a remote attacker can exploit a vulnerability by providing an invalid character sequence within a prepared statement parameter. This can cause a null pointer dereference,...

Important: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement

A flaw was found in PHP. When the PDO PHP Data Objects PostgreSQL driver is configured with PDO::ATTREMULATEPREPARES enabled, a remote attacker can exploit a vulnerability by providing an invalid character sequence within a prepared statement parameter. This can cause a null pointer dereference,...

Important: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : php:8.3 (RHSA-2026:1190)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1190 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in...

Alibaba Cloud Linux 3 : 0012: libpq (ALINUX3-SA-2026:0012)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0012 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-12818: Integer wraparound in multiple...

RHEL 9 : php:8.2 (RHSA-2026:1187)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1187 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in...

[SECURITY] Fedora 42 Update: pgadmin4-9.11-2.fc42

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

[SECURITY] Fedora 43 Update: pgadmin4-9.11-2.fc43

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

SUSE: Security Advisory (SUSE-SU-2026:0197-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-69285

SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.5.0 contain a missing authentication vulnerability in the /api/v1/datasource/uploadExcel endpoint, allowing a remote unauthenticated attacker to upload arbitrary Excel/CSV files and inject data...

Azure Linux 3.0 Security Update: postgresql (CVE-2024-10979)

The version of postgresql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10979 advisory. - Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to...

SUSE SLES12 Security Update : postgresql17, postgresql18 (SUSE-SU-2026:0197-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0197-1 advisory. Changes in postgresql18: - Fix build with uring for post SLE15 code streams. Update to 18.1: https://www.postgresql.org/about/news/p-3171/...

CVE-2025-69285

SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.5.0 contain a missing authentication vulnerability in the /api/v1/datasource/uploadExcel endpoint, allowing a remote unauthenticated attacker to upload arbitrary Excel/CSV files and inject data...

CVE-2025-69285 SQLBot uploadExcel Endpoint has Unauthenticated Arbitrary File Upload vulnerability

SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.5.0 contain a missing authentication vulnerability in the /api/v1/datasource/uploadExcel endpoint, allowing a remote unauthenticated attacker to upload arbitrary Excel/CSV files and inject data...

CVE-2025-69285 SQLBot uploadExcel Endpoint has Unauthenticated Arbitrary File Upload vulnerability

SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.5.0 contain a missing authentication vulnerability in the /api/v1/datasource/uploadExcel endpoint, allowing a remote unauthenticated attacker to upload arbitrary Excel/CSV files and inject data...

EUVD-2025-206314

SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.5.0 contain a missing authentication vulnerability in the /api/v1/datasource/uploadExcel endpoint, allowing a remote unauthenticated attacker to upload arbitrary Excel/CSV files and inject data...