13414 matches found

Tenable Nessus
added 2024/03/19 12:0 a.m., 16 views

RHEL 8 : postgresql (RHSA-2024:1428)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1428 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8, AI score 7.8, EPSS 0.01465
Exploits 0, References 4

Tenable Nessus
added 2024/03/19 12:0 a.m., 11 views

RHEL 8 : postgresql (RHSA-2024:1426)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1426 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8, AI score 7.8, EPSS 0.01465
Exploits 0, References 4

Tenable Nessus
added 2024/03/19 12:0 a.m., 21 views

RHEL 8 : postgresql (RHSA-2024:1422)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1422 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8, AI score 7.8, EPSS 0.01465
Exploits 0, References 4

Tenable Nessus
added 2024/03/19 12:0 a.m., 25 views

RHEL 8 : postgresql (RHSA-2024:1429)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1429 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8, AI score 7.8, EPSS 0.01465
Exploits 0, References 4

OpenVAS
added 2024/03/19 12:0 a.m., 10 views

Debian: Security Advisory (DLA-3764-1)

The remote host is missing an update for the Debian...

CVSS 8, AI score 8, EPSS 0.01465
Exploits 0, References 2

Debian
added 2024/03/18 3:47 p.m., 27 views

[SECURITY] [DLA 3764-1] postgresql-11 security update

Debian LTS Advisory DLA-3764-1, https://www.debian.org/lts/security/, Adrian Bunk, March 18, 2024, https://wiki.debian.org/LTS...

CVSS 8, AI score 8.4, EPSS 0.01465
Exploits 0

RedHat Linux
added 2024/03/18 1:47 a.m., 3 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

CVSS 8, AI score 7.5, EPSS 0.01465
Exploits 0, References 4

RedHat Linux
added 2024/03/18 1:47 a.m., 23 views

Important: Red Hat Security Advisory: postgresql:10 security update

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...

CVSS 8, AI score 7.3, EPSS 0.01465
Exploits 0, References 2

Amazon
added 2024/03/18 12:0 a.m., 5 views

Low: libpq

Issue Overview: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

CVSS 3.7, AI score 7.1, EPSS 0.00616
Exploits 0

Amazon
added 2024/03/18 12:0 a.m., 5 views

Low: libpq

Issue Overview: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

CVSS 3.7, AI score 7.1, EPSS 0.00616
Exploits 0

OSV
added 2024/03/18 12:0 a.m., 27 views

DLA-3764-1 postgresql-11 - security update

Bulletin has no description...

CVSS 8, AI score 8.1, EPSS 0.01465
Exploits 0

Tenable Nessus
added 2024/03/18 12:0 a.m., 23 views

Amazon Linux 2 : libpq (ALASPOSTGRESQL14-2024-010)

The version of libpq installed on the remote host is prior to 14.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-010 advisory. In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos...

CVSS 3.7, AI score 6.4, EPSS 0.00616
Exploits 0, References 4

Tenable Nessus
added 2024/03/18 12:0 a.m., 24 views

RHEL 8 : postgresql:10 (RHSA-2024:1348)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1348 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8, AI score 7.8, EPSS 0.01465
Exploits 0, References 4

Tenable Nessus
added 2024/03/18 12:0 a.m., 23 views

Debian dla-3764 : libecpg-compat3 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3764 advisory. Debian LTS Advisory DLA-3764-1, https://www.debian.org/lts/security/...

CVSS 8, AI score 7.3, EPSS 0.01465
Exploits 0, References 4

BDU FSTEC
added 2024/03/18 12:0 a.m., 4 views

The vulnerability in the sanitize.go component of the PostgreSQL pgx tool set allows a malicious actor to execute arbitrary SQL queries.

The vulnerability in the sanitize.go component of the PostgreSQL pgx tool set is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...

CVSS 8.1, AI score 7, EPSS 0.00854
Exploits 0, References 3, Affected Software 1

Tenable Nessus
added 2024/03/18 12:0 a.m., 31 views

Amazon Linux 2 : libpq (ALASPOSTGRESQL12-2024-010)

The version of libpq installed on the remote host is prior to 12.15-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-010 advisory. In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos...

CVSS 3.7, AI score 6.4, EPSS 0.00616
Exploits 0, References 4

Cloud Foundry
added 2024/03/18 12:0 a.m., 33 views

USN-6538-1: PostgreSQL vulnerabilities | Cloud Foundry

Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information...

CVSS 8.8, AI score 8.1, EPSS 0.04322
Exploits 0, Affected Software 2

Cloud Foundry
added 2024/03/18 12:0 a.m., 19 views

USN-6296-1: PostgreSQL vulnerabilities | Cloud Foundry

Severity: Unknown. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the...

CVSS 8.8, AI score 8.1, EPSS 0.01572
Exploits 0, Affected Software 2

Kitploit
added 2024/03/17 11:30 a.m., 30 views

mapXplore - Allow Exporting The Information Downloaded With Sqlmap To A Relational Database Like Postgres And Sqlite

mapXplore is a modular application that imports data extracted by sqlmap into a PostgreSQL or SQLite database. Its main features are: Import of information extracted from sqlmap to PostgreSQL or SQLite for subsequent querying. Sanitized information, which means that at the time of import, it...

AI score 6.9
Exploits 0, References 4

Atlassian
added 2024/03/14 5:46 a.m., 57 views

SQLi (SQL Injection) org.postgresql:postgresql Dependency in Bamboo Data Center and Server

This unexploitable Critical severity vulnerability has a lower assessed risk by Atlassian; as a result, it's disclosed in the Monthly Security Bulletin instead of a Critical Security Advisory. Bamboo & Other Atlassian Data Center products are unaffected by this vulnerability as they do not use the...

CVSS 10, AI score 7.6, EPSS 0.0481
Exploits 0