RHEL 8 : postgresql:13 (RHSA-2026:0267)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0267 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check fo...

MiracleLinux 8 : postgresql:16 (AXSA:2025-9713:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9713:01 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...

MiracleLinux 8 : postgresql:16 (AXSA:2025-10816:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10816:01 advisory. postgresql: PostgreSQL executes arbitrary code in restore operation CVE-2025-8715 postgresql: PostgreSQL code execution in restore operation...

MiracleLinux 9 : postgresql:16 (AXSA:2025-9703:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9703:01 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...

MiracleLinux 7 : postgresql-9.2.24-9.0.2.el7.AXS7 (AXSA:2025-9551:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9551:01 advisory. CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables CVEs: CVE-2024-10979 Incorrect control of environment variables in PostgreSQ...

RHEL 9 : postgresql (RHSA-2026:0262)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0262 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check fo...

RHEL 10 : postgresql16 (RHSA-2026:0456)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0456 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...

RHEL 8 : postgresql:16 (RHSA-2026:0519)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0519 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check fo...

RHEL 9 : postgresql:16 (RHSA-2026:0269)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0269 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check fo...

Moderate: postgresql:16 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...

Moderate: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...

Moderate: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...

Moderate: postgresql:16 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...

Moderate: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...

Moderate: postgresql security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security...

postgresql: libpq: libpq undersizes allocations, via integer wraparound

A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application...

Moderate: Red Hat Security Advisory: libpq security update

An update for libpq is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

postgresql: libpq: libpq undersizes allocations, via integer wraparound

A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application...

postgresql: CREATE STATISTICS does not check for schema CREATE privilege

A vulnerability has been identified in PostgreSQL’s CREATE STATISTICS command where the database does not check that the user has the required schema CREATE privilege. A table owner user could create a statistics object in any schema, blocking other users who legitimately hold CREATE STATISTICS...