MiracleLinux 7 : rh-postgresql94-postgresql-9.4.9-1.el7 (AXSA:2016-649:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-649:03 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll nee...

MiracleLinux 4 : postgresql92-postgresql-9.2.15-1.AXS4 (AXSA:2016-123:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-123:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to acce...

CVE-2021-47782

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. Attackers can exploit the vulnerability by sending crafted payloads to the /rass/api/v1/trafficCycle/ endpoint to manipulate...

CVE-2021-47782 Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. Attackers can exploit the vulnerability by sending crafted payloads to the /rass/api/v1/trafficCycle/ endpoint to manipulate...

CVE-2021-47782

Odine Solutions GateKeeper 1.0 is affected by a SQL injection in the trafficCycle API endpoint (/rass/api/v1/trafficCycle/). The root cause is a database query manipulation in PostgreSQL that could lead to extraction of sensitive information. Mitigation: apply updates to address the SQL injection...

CVE-2021-47782 Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. Attackers can exploit the vulnerability by sending crafted payloads to the /rass/api/v1/trafficCycle/ endpoint to manipulate...

SQL Injection

Django is vulnerable to SQL Injection. The vulnerability is due to improper handling of column aliases in FilteredRelation when expanding user-controlled dictionaries passed to QuerySet.annotate or QuerySet.alias, which allows an attacker to inject crafted SQL on PostgreSQL...

postgresql: libpq: libpq undersizes allocations, via integer wraparound

A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application...

Moderate: Red Hat Security Advisory: libpq security update

An update for libpq is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

postgresql:16 security update

pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pgrepack 1.5.1-1 - Update to v1.5.1 1.4.8-2 - Add new build dependencies to fix build with lz4 enabled - Related: RHEL-47604 1.4.8-1 - Resolves: RHEL-3636 - Initial import for PG 16...

PT-2026-3155

Name of the Vulnerable Software and Affected Versions Odine Solutions GateKeeper version 1.0 Description The software contains a SQL injection issue in the trafficCycle API endpoint. Remote attackers can inject malicious database queries by sending crafted payloads to the /rass/api/v1/trafficCycl...

Oracle Linux 9 : postgresql (ELSA-2026-0491)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0491 advisory. - Resolves: RHEL-128812 CVE-2025-12818 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

Oracle Linux 9 : postgresql:16 (ELSA-2026-0493)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0493 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pgrepack 1.5.1-1 - Update to v1.5.1...

ALSA-2026:0695 Moderate: libpq security update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security issues, including the impact, a CVSS score,...

Oracle Linux 9 : postgresql:15 (ELSA-2026-0492)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0492 advisory. pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack 1.4.8-2 - Add new build...

Failed to create a restore point: PostgreSQL database operation failed multiple times with transient error.

Challenge After upgrading to Veeam Backup for Microsoft 365 8.2 or 8.3, jobs fail with the erorr: Failed to create a restore point: PostgreSQL database operation failed multiple times with transient error. Cause This issue occurs because various one-time PostgreSQL queries that the software...

GHSA-XG92-G8H7-V7R4 vulnerabilities

Vulnerabilities for packages: postgresql...

CVE-2017-8806 vulnerabilities

Vulnerabilities for packages: postgresql...

Moderate: Red Hat Security Advisory: libpq security update

An update for libpq is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

postgresql: libpq: libpq undersizes allocations, via integer wraparound

A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application...