13414 matches found
RHEL 8 : postgresql (RHSA-2024:1428)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1428 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
RHEL 8 : postgresql (RHSA-2024:1426)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1426 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
RHEL 8 : postgresql (RHSA-2024:1422)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1422 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
RHEL 8 : postgresql (RHSA-2024:1429)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1429 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
Debian: Security Advisory (DLA-3764-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3764-1] postgresql-11 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3764-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 18, 2024 https://wiki.debian.org/LTS -...
postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL
A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...
Important: Red Hat Security Advisory: postgresql:10 security update
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
Low: libpq
Issue Overview: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
Low: libpq
Issue Overview: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
DLA-3764-1 postgresql-11 - security update
Bulletin has no description...
Amazon Linux 2 : libpq (ALASPOSTGRESQL14-2024-010)
The version of libpq installed on the remote host is prior to 14.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-010 advisory. In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos...
RHEL 8 : postgresql:10 (RHSA-2024:1348)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1348 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
Debian dla-3764 : libecpg-compat3 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3764 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3764-1 [email protected] https://www.debian.org/lts/security/...
The vulnerability in the sanitize.go component of the PostgreSQL pgx tool set allows a malicious actor to execute arbitrary SQL queries.
The vulnerability in the sanitize.go component of the PostgreSQL pgx tool set is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...
Amazon Linux 2 : libpq (ALASPOSTGRESQL12-2024-010)
The version of libpq installed on the remote host is prior to 12.15-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-010 advisory. In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos...
USN-6538-1: PostgreSQL vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information...
USN-6296-1: PostgreSQL vulnerabilities | Cloud Foundry
Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the...
mapXplore - Allow Exporting The Information Downloaded With Sqlmap To A Relational Database Like Postgres And Sqlite
mapXplore is a modular application that imports data extracted of the sqlmap to PostgreSQL or SQLite database. Its main features are: Import of information extracted from sqlmap to PostgreSQL or SQLite for subsequent querying. Sanitized information, which means that at the time of import, it...
SQLi (SQL Injection) org.postgresql:postgresql Dependency in Bamboo Data Center and Server
This unexploitable Critical severity vulnerability has a lower assessed risk by Atlassian, as a result it's disclosed in the Monthly Security Bulletin instead of a Critical Security Advisory. Bamboo & Other Atlassian Data Center products are unaffected by this vulnerability as they do not use the...