CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2024/12/05 12:0 a.m.•18 views

AlmaLinux 8 : postgresql:13 (ALSA-2024:10832)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10832 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS7.5AI score0.04422EPSS

Tenable Nessus•added 2024/12/05 12:0 a.m.•12 views

Oracle Linux 9 : postgresql:16 (ELSA-2024-10788)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10788 advisory. - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 - Fixes: CVE-2023-2454 CVE-2023-2455 Tenable has extracted the preceding description block...

8.8CVSS7.1AI score0.04422EPSS

Tenable Nessus•added 2024/12/05 12:0 a.m.•10 views

RHEL 9 : postgresql (RHSA-2024:10827)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10827 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS8.5AI score0.04422EPSS

OSV•added 2024/12/05 12:0 a.m.•18 views

ALSA-2024:10832 Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code CVE-2024-10979 postgresq...

8.8CVSS8.2AI score0.04422EPSS

Tenable Nessus•added 2024/12/05 12:0 a.m.•12 views

RHEL 8 : postgresql:16 (RHSA-2024:10831)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10831 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL SET ROLE, SET SESSION...

Tenable Nessus•added 2024/12/05 12:0 a.m.•14 views

RHEL 8 : postgresql:13 (RHSA-2024:10832)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10832 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL SET ROLE, SET SESSION...

Tenable Nessus•added 2024/12/05 12:0 a.m.•10 views

AlmaLinux 9 : postgresql:16 (ALSA-2024:10788)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10788 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS7.6AI score0.04422EPSS

Tenable Nessus•added 2024/12/05 12:0 a.m.•9 views

RHEL 9 : postgresql:15 (RHSA-2024:10807)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10807 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS8.5AI score0.04422EPSS

OSV•added 2024/12/05 12:0 a.m.•19 views

ALSA-2024:10830 Important: postgresql:15 security update

8.8CVSS8.2AI score0.04422EPSS

RedHat Linux•added 2024/12/04 8:35 p.m.•4 views

postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code

A flaw was found in PostgreSQL PL/Perl. This vulnerability allows an unprivileged database user to change sensitive process environment variables e.g., PATH via incorrect control of environment variables...

RedHat Linux•added 2024/12/04 8:35 p.m.•18 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

RedHat Linux•added 2024/12/04 5:57 p.m.•16 views

Exploits1References2

Important: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

RedHat Linux•added 2024/12/04 5:57 p.m.•2 views

Exploits1References2

postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code

RedHat Linux•added 2024/12/04 3:41 p.m.•2 views

postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code

RedHat Linux•added 2024/12/04 3:41 p.m.•2 views

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability...

4.2CVSS7.3AI score0.00705EPSS

Exploits0References5

RedHat Linux•added 2024/12/04 3:41 p.m.•4 views

postgresql: PostgreSQL row security below e.g. subqueries disregards user ID changes

A flaw was found in PostgreSQL. This vulnerability allows incorrect row-level security policies to be applied via subqueries, WITH queries, security invoker views, or SQL-language functions that reference tables with row-level security policies. This issue arises when a query is planned under one...

5.4CVSS7.2AI score0.00786EPSS

Exploits0References5

RedHat Linux•added 2024/12/04 3:41 p.m.•12 views

Important: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...