13311 matches found
PT-2025-33672 · Aiven · Aiven-Db-Migrate
Name of the Vulnerable Software and Affected Versions: aiven-db-migrate versions prior to 1.0.7 Description: aiven-db-migrate is a database migration tool. A privilege escalation issue exists that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrust...
PT-2025-33673 · Aiven · Aiven-Db-Migrate
Name of the Vulnerable Software and Affected Versions: aiven-db-migrate versions prior to 1.0.7 Description: aiven-db-migrate is a database migration tool. A privilege escalation issue exists that could allow elevation to superuser inside PostgreSQL databases during a migration from an untrusted...
Linux Distros Unpatched Vulnerability : CVE-2024-10976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and...
Linux Distros Unpatched Vulnerability : CVE-2021-22880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully...
Linux Distros Unpatched Vulnerability : CVE-2024-23835
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory u...
Linux Distros Unpatched Vulnerability : CVE-2024-10978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires...
Linux Distros Unpatched Vulnerability : CVE-2024-10977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq...
Linux Distros Unpatched Vulnerability : CVE-2020-25694
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that...
postgresql16-16.10-1.1 on GA media (moderate)
postgresql16-16.10-1.1 on GA media Announcement ID: openSUSE-SU-2025:15454-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...
postgresql15-15.14-1.1 on GA media (moderate)
postgresql15-15.14-1.1 on GA media Announcement ID: openSUSE-SU-2025:15453-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...
postgresql14-14.19-1.1 on GA media (moderate)
postgresql14-14.19-1.1 on GA media Announcement ID: openSUSE-SU-2025:15452-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...
postgresql13-13.22-1.1 on GA media (moderate)
postgresql13-13.22-1.1 on GA media Announcement ID: openSUSE-SU-2025:15451-1 Rating: moderate Cross-References: CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVSS scores: CVE-2025-8713 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-8713 SUSE : 5.3...
OPENSUSE-SU-2025:15452-1 postgresql15-15.14-1.1 on GA media
These are all security issues fixed in the postgresql15-15.14-1.1 package on the GA media of openSUSE Tumbleweed...
Debian: Security Advisory (DLA-4273-1)
The remote host is missing an update for the Debian...
OPENSUSE-SU-2025:15453-1 postgresql16-16.10-1.1 on GA media
These are all security issues fixed in the postgresql16-16.10-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15451-1 postgresql14-14.19-1.1 on GA media
These are all security issues fixed in the postgresql14-14.19-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2025:15450-1 postgresql13-13.22-1.1 on GA media
These are all security issues fixed in the postgresql13-13.22-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2025-8713
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...
SUSE CVE-2025-8714
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...
SUSE CVE-2025-8715
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...