13311 matches found
ROS-20250822-24
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks. A vulnerability in t...
USN-7648-2: PHP vulnerabilities
USN-7648-1 fixed several vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker...
USN-7648-2 php7.0, php7.2, php7.4 vulnerabilities
USN-7648-1 fixed several vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker...
CVE-2025-8713 affecting package postgresql for versions less than 14.19-1
CVE-2025-8713 affecting package postgresql for versions less than 14.19-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-8714 affecting package postgresql for versions less than 14.19-1
CVE-2025-8714 affecting package postgresql for versions less than 14.19-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-8715 affecting package postgresql for versions less than 14.19-1
CVE-2025-8715 affecting package postgresql for versions less than 14.19-1. An upgraded version of the package is available that resolves this issue...
PostgreSQL 13.x < 13.22 / 14.x < 14.19 / 15.x < 15.14 / 16.x < 16.10 / 17.x < 17.6 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 13 prior to 13.22, 14 prior to 14.19, 15 prior to 15.14, 16 prior to 16.10, or 17 prior to 17.6. As such, it is potentially affected by multiple vulnerabilities : - Improper neutralization of newlines in pg_dump in PostgreSQL allows a user ...
Linux Distros Unpatched Vulnerability : CVE-2023-5870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum worker...
CVE-2025-55282
aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of search_path restriction, an attacke...
Important Photon OS Security Update - PHSA-2025-5.0-0597
Updates of 'postgresql14', 'postgresql13', 'postgresql15', 'libssh' packages of Photon OS have been released...
Linux Distros Unpatched Vulnerability : CVE-2021-32029
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of...
Linux Distros Unpatched Vulnerability : CVE-2022-31625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the...
Linux Distros Unpatched Vulnerability : CVE-2022-2625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for...
Linux Distros Unpatched Vulnerability : CVE-2020-25696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.2...
Linux Distros Unpatched Vulnerability : CVE-2021-32028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read...
Linux Distros Unpatched Vulnerability : CVE-2023-2455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific...
Linux Distros Unpatched Vulnerability : CVE-2019-10208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitra...
Linux Distros Unpatched Vulnerability : CVE-2023-5869
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value...
Linux Distros Unpatched Vulnerability : CVE-2021-32027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values,...
Linux Distros Unpatched Vulnerability : CVE-2020-25695
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to...