13299 matches found
ROS-20250912-08
Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...
ROS-20250912-05
Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...
ROS-20250912-02
Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...
ROS-20250912-03
Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...
ROS-20250912-01
Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : postgresql16 (SUSE-SU-2025:03005-2)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03005-2 advisory. Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a vie...
Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
SUSE-SU-2025:03005-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
CLSA-2025-1757523038 Fix CVE(s): CVE-2025-1735
SECURITY UPDATE: inadequate error checking in pgsql and pdopgsql escaping functions - debian/patches/CVE-2025-1735.patch: Add error checks for escape function in pgsql and pdopgsql extensions to prevent storing of improperly escaped data - CVE-2025-1735...
CVE-2025-10226
Dependency on Vulnerable Third-Party Component CWE-1395 in the PostgreSQL backend in AxxonSoft Axxon One C-Werk 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs presen...
CVE-2025-10226
Dependency on Vulnerable Third-Party Component CWE-1395 in the PostgreSQL backend in AxxonSoft Axxon One C-Werk 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs presen...
CVE-2025-10226 PostgreSQL Upgrade from v10 to v17.4 in AxxonSoft Axxon One (C-Werk) 2.0.8 and earlier to Address Multiple Vulnerabilities
Dependency on Vulnerable Third-Party Component CWE-1395 in the PostgreSQL backend in AxxonSoft Axxon One C-Werk 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs presen...
CVE-2025-10226 PostgreSQL Upgrade from v10 to v17.4 in AxxonSoft Axxon One (C-Werk) 2.0.8 and earlier to Address Multiple Vulnerabilities
Dependency on Vulnerable Third-Party Component CWE-1395 in the PostgreSQL backend in AxxonSoft Axxon One C-Werk 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs presen...
CVE-2025-10226
CVE-2025-10226 affects AxxonSoft Axxon One (C-Werk) 2.0.8 and earlier due to a dependency on vulnerable PostgreSQL back-end (v10.x). The root cause is reported as dependencies on vulnerable third-party components in PostgreSQL, enabling a remote attacker to escalate privileges, execute arbitrary ...
CLSA-2025-1757490210 Fix CVE(s): CVE-2025-1735
SECURITY UPDATE: inadequate validation in pgsql and pdopgsql functions - debian/patches/CVE-2025-1735.patch: Add error checks for escape function in pgsql and pdopgsql extensions to prevent potential security issues - CVE-2025-1735...
AxxonSoft AxxonOne 安全漏洞
AxxonSoft AxxonOne is a video surveillance and security management software from AxxonSoft Ireland. A security vulnerability exists in AxxonSoft AxxonOne version 2.0.8 and earlier, which stems from a dependency on vulnerable third-party components in the PostgreSQL backend, and could lead to...
PT-2025-37045
Name of the Vulnerable Software and Affected Versions: AxxonSoft Axxon One versions 2.0.8 and earlier Description: AxxonSoft Axxon One is affected by a dependency on a vulnerable third-party component, PostgreSQL. This allows a remote attacker to escalate privileges, execute arbitrary code, or...
Mageia: Security Advisory (MGASA-2025-0230)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-58450
pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...
CVE-2025-58450 pREST has Systemic SQL Injection Vulnerability
pREST PostgreSQL REST, is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a...