13324 matches found
postgresql:16 security update
pgaudit pgrepack postgres-decoderbufs postgresql 16.4-1 - Update to 16.4...
Important: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 For more detail...
ALSA-2024:5929 Important: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 For more detail...
ALSA-2024:5927 Important: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 For more detail...
OESA-2024-2054 postgresql security update
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
OESA-2024-2055 postgresql security update
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
OESA-2024-2056 postgresql security update
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
Cybersecurity researchers have unpacked a new malware strain dubbed PGMEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. "Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gaine...
New PG_MEM Malware Targets PostgreSQL Databases to Mine Cryptocurrency
The new PGMEM malware targets PostgreSQL databases, exploiting weak passwords to deliver payloads and mine cryptocurrency. Researchers warn…...
Packetbeat vulnerable to denial-of-service (DoS)
Overview Packetbeat provided by Elastic contains a denial-of-service DoS vulnerability. Packetbeat provided by Elastic is a network packet analyzer. Packetbeat contains a flaw in processing the PostgreSQL handler CWE-129 . Impact Processing a specially crafted packet may lead to a denial-of-servi...
Ubuntu: Security Advisory (USN-6968-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6968-1: PostgreSQL vulnerability
Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser...
USN-6968-1 postgresql-12, postgresql-14, postgresql-16 vulnerability
Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser...
Important: postgresql15
Issue Overview: Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack...
Important: postgresql15
Issue Overview: Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : PostgreSQL vulnerability (USN-6968-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6968-1 advisory. Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute...
Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2024-702)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-702 advisory. Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack...
OESA-2024-1977 postgresql security update
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
PostgreSQL relation replacement during pg_dump executes arbitrary SQL
...
[SECURITY] Fedora 39 Update: roundcubemail-1.6.8-1.fc39
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...