13401 matches found
Ubuntu: Security Advisory (USN-6825-1)
The remote host is missing an update for the... (SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only)
Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-011)
The version of postgresql installed on the remote host is prior to 14.12-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-011 advisory. postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks (CVE-2024-4317) Tenable has extracted t...
USN-6825-1: ADOdb vulnerabilities
It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-7405) It was discovered that ADOdb was incorrectly handling GET parameters in...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : ADOdb vulnerabilities (USN-6825-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6825-1 advisory. It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possib...
ROS-20240607-06
A vulnerability in the system views pg_stats_ext and pg_stats_ext_exprs of the PostgreSQL DBMS is related to privilege management errors. Exploitation of the vulnerability could allow a remote attacker to escalate privileges...
ROS-20240607-07
A vulnerability in the system views pg_stats_ext and pg_stats_ext_exprs of the PostgreSQL DBMS is related to privilege management errors. Exploitation of the vulnerability could allow a remote attacker to escalate privileges...
ROS-20240607-05
A vulnerability in the system views pg_stats_ext and pg_stats_ext_exprs of the PostgreSQL DBMS is related to errors in privilege management. Exploitation of the vulnerability could allow a remote attacker to escalate privileges...
Fedora: Security Advisory (FEDORA-2024-680b8ba54e)
The remote host is missing an update for the...
openSUSE Security Advisory (SUSE-SU-2024:1768-1)
The remote host is missing an update for the...
openSUSE Security Advisory (SUSE-SU-2024:1777-1)
The remote host is missing an update for the...
SUSE CVE-2019-9193
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary...
RHEL 4 : postgresql (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: SQL injection due to unsanitized newline characters in object names (CVE-2012-0868) - CREATE TRIGG...
RHEL 6 : postgresql-jdbc (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - PostgreSQL: Postgres JDBC driver does not perform host name validation by default (CVE-2018-10936) Note that Nessus h...
RHEL 7 : postgresql (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: Uncontrolled search path element in pg_dump and other client applications (CVE-2018-1058) - It w...
RHEL 8 : 10_postgresql (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862) Note that Ness...
RHEL 8 : postgresql-jdbc (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724) - A weakness...
RHEL 4 : tcl (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: temporary DoS caused by slow regex NFA cleanup (CVE-2007-6067) - The regular expression parser in...
RHEL 6 : postgresql (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: Start scripts permit database administrator to modify root-owned files (CVE-2017-15097) -...
RHEL 7 : postgresql-jdbc (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724) - A weakness...
RHEL 5 : postgresql (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: Improper randomization of pgcrypto functions requiring random seed (CVE-2013-1900) - postgresql...