RHSA-2025:14869 Red Hat Security Advisory: postgresql security update

Bulletin has no description...

RHSA-2025:14862 Red Hat Security Advisory: postgresql:15 security update

Bulletin has no description...

RHSA-2025:14827 Red Hat Security Advisory: postgresql:16 security update

Bulletin has no description...

RHSA-2025:14826 Red Hat Security Advisory: postgresql16 security update

Bulletin has no description...

RHEL 10 : postgresql16 (RHSA-2025:14826)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14826 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...

RHEL 9 : postgresql:15 (RHSA-2025:14862)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14862 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL executes arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2025-8714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the...

RHEL 9 : postgresql (RHSA-2025:14869)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14869 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL executes arbitrary code...

RHEL 9 : postgresql (RHSA-2025:14870)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14870 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL executes arbitrary code...

RHEL 9 : postgresql:16 (RHSA-2025:14827)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14827 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL executes arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2025-8715

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client...

Linux Distros Unpatched Vulnerability : CVE-2025-8713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled...

RHEL 9 : postgresql (RHSA-2025:14878)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14878 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL executes arbitrary code...

CVE-2025-50979

NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint /api/v3/search/categories. The search query parameter is not properly sanitized, allowing unauthenticated, remote attackers to inject boolean-based blind and PostgreSQL error-based payloads...

Linux Distros Unpatched Vulnerability : CVE-2021-33204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the pgpartman aka PG Partition Manager extension before 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because...

Linux Distros Unpatched Vulnerability : CVE-2021-3515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An attacker with CREATEDB privileges on a PostgreSQL server can craft ...

SUSE SLES12 Security Update : postgresql14 (SUSE-SU-2025:03020-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03020-1 advisory. Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. -...

SUSE SLES15 / openSUSE 15 Security Update : postgresql15 (SUSE-SU-2025:03018-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03018-1 advisory. Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child...

SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2025:03031-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03031-1 advisory. Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc124812...

Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...