
13299 matches found

Vulnrichment
added 2025/09/25 5:8 p.m., 3 views

CVE-2025-34227 Nagios XI < 2026R1 Configuration Wizard Authenticated Command Injection

Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...

8.6 CVSS | 7.7 AI score | 0.25922 EPSS
Exploits: 2 | References: 4
IBM Security Bulletins
added 2025/09/25 4:50 p.m., 14 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Console

Summary Multiple vulnerabilities were addressed in IBM Aspera Console version 3.4.7. Vulnerability Details CVEID:CVE-2022-44566 DESCRIPTION: A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed intege...

10 CVSS | 7.9 AI score | 0.07497 EPSS
Exploits: 13 | Affected Software: 5
CNNVD
added 2025/09/25 12:0 a.m., 2 views

Nagios XI Security Vulnerability

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to Nagios XI 2026R1, which stems from the fact...

8.8 CVSS | 7.4 AI score | 0.25922 EPSS
Exploits: 2 | References: 4
Tenable Product Security Advisories
added 2025/09/24 2:34 p.m., 5 views

[R1] Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.1

R1 Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.1 Jason Schavel Wed, 09/24/2025 - 10:34 Security Center leverages third-party software to help provide underlying functionality. One of the third-party components PostgreSQL was found to contai...

7.1 AI score
Exploits: 0
Redos
added 2025/09/23 12:0 a.m., 4 views

ROS-20250923-11

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8 CVSS | 8.2 AI score | 0.00709 EPSS
Exploits: 1
Redos
added 2025/09/23 12:0 a.m., 3 views

ROS-20250923-07

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8 CVSS | 8.2 AI score | 0.00709 EPSS
Exploits: 1
Redos
added 2025/09/23 12:0 a.m., 2 views

ROS-20250923-09

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8 CVSS | 8.2 AI score | 0.00709 EPSS
Exploits: 1
Redos
added 2025/09/23 12:0 a.m., 2 views

ROS-20250923-08

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8 CVSS | 8.2 AI score | 0.00709 EPSS
Exploits: 1
Redos
added 2025/09/23 12:0 a.m., 3 views

ROS-20250923-10

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8 CVSS | 8.2 AI score | 0.00709 EPSS
Exploits: 1
Redos
added 2025/09/23 12:0 a.m., 3 views

ROS-20250923-14

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8 CVSS | 8.2 AI score | 0.00709 EPSS
Exploits: 1
Redos
added 2025/09/23 12:0 a.m., 4 views

ROS-20250923-13

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8 CVSS | 8.2 AI score | 0.00709 EPSS
Exploits: 1
Redos
added 2025/09/23 12:0 a.m., 3 views

ROS-20250923-12

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8 CVSS | 8.2 AI score | 0.00709 EPSS
Exploits: 1
RedHat Linux
added 2025/09/22 11:39 p.m., 5 views

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.12.5 release and security update

Red Hat AMQ Broker 7.12.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.8 CVSS | 7 AI score | 0.01495 EPSS
Exploits: 1 | References: 6
Gitee
added 2025/09/21 10:50 p.m., 90 views

geminabox

It is an offensive tool for RubyGem hosting. The repository contains a simple RubyGem hosting system called Gem in a Box. It allows users to host their own RubyGems, and it includes features such as user authentication, gem versioning, and a web interface for browsing and downloading gems. The to...

7.2 AI score
Exploits: 0
IBM Security Bulletins
added 2025/09/20 11:33 a.m., 7 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in postgresql-42.7.6.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of postgresql-42.7.6.jar Vulnerability Details CVEID:CVE-2025-49146 DESCRIPTION: pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel bindin...

8.2 CVSS | 6.5 AI score | 0.00461 EPSS
Exploits: 0 | Affected Software: 1
SUSE CVE
added 2025/09/19 11:22 p.m., 2 views

SUSE CVE-2025-58450

pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...

9.3 CVSS | 7.9 AI score | 0.00341 EPSS
Exploits: 0 | References: 2
OSV
added 2025/09/19 2:49 p.m., 4 views

CLSA-2025-1758293394 postgresql: Fix of 2 CVEs

CVE-2025-8714: prevent execution of unsafe meta-commands in plain-text dumps pg_dump/pg_restore/pg_dumpall, psql restricted mode - CVE-2025-8715: sanitize newlines in object names to avoid unsafe SQL comments in dumps...

8.8 CVSS | 6 AI score | 0.00709 EPSS
Exploits: 1 | References: 1
IBM Security Bulletins
added 2025/09/18 2:54 p.m., 4 views

Security Bulletin: Buffer Over-read in PostgreSQL GB18030 Encoding Validation Leading to Potential DoS, affects watsonx.data

Summary Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9,...

5.9 CVSS | 5.9 AI score | 0.00612 EPSS
Exploits: 0 | Affected Software: 1
RedhatCVE
added 2025/09/18 2:24 p.m., 4 views

CVE-2025-59333

The mcp-database-server MCP Server 1.1.0 and earlier, as distributed via the npm package @executeautomation/database-server, fails to implement adequate security controls to properly enforce a "read-only" mode. This vulnerability affects only the npm distribution; other distributions are not...

8.1 CVSS | 6.7 AI score | 0.00363 EPSS
Exploits: 1 | References: 1
OSV
added 2025/09/18 10:5 a.m., 4 views

RHSA-2025:16099 Red Hat Security Advisory: postgresql security update

Bulletin has no description...

8.8 CVSS | 7 AI score | 0.00709 EPSS
Exploits: 1 | References: 8