13424 matches found
SUSE: Security Advisory (SUSE-SU-2024:0773-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:0771-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : postgresql-jdbc (SUSE-SU-2024:0773-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0773-1 advisory. - CVE-2024-1597: Fixed SQL Injection via line comment generation bsc1220644. Tenable has extracted the preceding description...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL13-2024-006)
The version of postgresql installed on the remote host is prior to 13.14-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL13-2024-006 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-008)
The version of postgresql installed on the remote host is prior to 14.1-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-008 advisory. A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL...
SUSE SLES15 Security Update : postgresql-jdbc (SUSE-SU-2024:0769-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0769-1 advisory. - CVE-2024-1597: Fixed SQL Injection via line comment generation bsc1220644. Tenable has extracted the preceding description block directly...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-006)
The version of postgresql installed on the remote host is prior to 14.11-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-006 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute...
Amazon Linux 2 : libpq (ALASPOSTGRESQL12-2024-009)
The version of libpq installed on the remote host is prior to 12.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-009 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary...
SUSE-SU-2024:0773-1 Security update for postgresql-jdbc
This update for postgresql-jdbc fixes the following issues: - CVE-2024-1597: Fixed SQL Injection via line comment generation bsc1220644...
CVE-2024-0985 affecting package postgresql for versions less than 14.11-1
CVE-2024-0985 affecting package postgresql for versions less than 14.11-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-41862 affecting package postgresql for versions less than 14.11-1
CVE-2022-41862 affecting package postgresql for versions less than 14.11-1. This CVE either no longer is or was never applicable...
SUSE-SU-2024:0771-1 Security update for postgresql-jdbc
This update for postgresql-jdbc fixes the following issues: - CVE-2024-1597: Fixed SQL Injection via line comment generation bsc1220644...
SUSE-SU-2024:0769-1 Security update for postgresql-jdbc
This update for postgresql-jdbc fixes the following issues: - CVE-2024-1597: Fixed SQL Injection via line comment generation bsc1220644...
SQL Injection
Lparse-server is vulnerable to a SQL injection when configured to use the PostgreSQL database. The vulnerability is due to inadequate input validation, allowing malicious SQL queries to be injected, particularly when interacting with a PostgreSQL database...
Important: postgresql15
Issue Overview: Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted...
RHEL 8 : postgresql:12 (RHSA-2024:1070)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1070 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
Important: postgresql15
Issue Overview: Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted...
RHEL 8 : postgresql:12 (RHSA-2024:1071)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1071 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...
CentOS: Security Advisory for postgresql (CESA-2023:7783)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : postgresql:12 (RHSA-2024:1069)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1069 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...