Lucene search
K

13424 matches found

Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.3 views

PT-2024-21803

Name of the Vulnerable Software and Affected Versions parse-server versions prior to 6.5.0 parse-server versions prior to 7.0.0-alpha.20 Description This issue allows SQL injection when parse-server is configured to use the PostgreSQL database. A remote attacker could send specially-crafted SQL...

10CVSS9AI score0.0103EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.25 views

CentOS 9 : postgresql-jdbc-42.2.18-6.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the postgresql-jdbc-42.2.18-6.el9 build changelog. - PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Ja...

8CVSS7AI score0.01662EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.28 views

CentOS 9 : postgresql-jdbc-42.2.27-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the postgresql-jdbc-42.2.27-1.el9 build changelog. - pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either PreparedStatement.setTextint,...

5.5CVSS6.3AI score0.0048EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.95 views

CentOS 9 : postgresql-13.7-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the postgresql-13.7-1.el9 build changelog. - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's...

8.8CVSS7.7AI score0.12403EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/02/28 11:54 a.m.2 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

8CVSS7.5AI score0.01465EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/28 11:54 a.m.21 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

8CVSS7.3AI score0.01465EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/02/28 8:10 a.m.70 views

CVE-2024-1597

A flaw was found in the PostgreSQL JDBC Driver. A SQL injection is possible when using the non-default connection property preferQueryMode=simple in combination with application code that has a vulnerable SQL that negates a parameter value. Mitigation Do not use the connection...

10CVSS9.8AI score0.0481EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.18 views

AlmaLinux 8 : postgresql:10 (ALSA-2024:0956)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0956 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block directly...

8CVSS7.8AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.36 views

Oracle Linux 8 : postgresql:10 (ELSA-2024-0956)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0956 advisory. 10.23-4.0.1 - Resolves: CVE-2024-0985 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

8CVSS7.3AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.22 views

AlmaLinux 9 : postgresql:15 (ALSA-2024:0950)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0950 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block directly...

8CVSS7.8AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.19 views

AlmaLinux 8 : postgresql:12 (ALSA-2024:0974)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0974 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block directly...

8CVSS7.8AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.27 views

AlmaLinux 8 : postgresql:15 (ALSA-2024:0973)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0973 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block directly...

8CVSS7.8AI score0.01465EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2024/02/28 12:0 a.m.46 views

postgresql:10 security update

10.23-4.0.1 - Resolves: CVE-2024-0985...

8CVSS7.3AI score0.01465EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.18 views

Oracle Linux 8 : postgresql:12 (ELSA-2024-0974)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0974 advisory. pgaudit 1.4.0-7 - Release bump to avoid regression in nvrs - Resolves: RHEL-24969 pgrepack postgres-decoderbufs postgresql 12.18-1.0.1 - Update to version 12.18...

8CVSS7.3AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.23 views

AlmaLinux 8 : postgresql:13 (ALSA-2024:0975)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0975 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block directly...

8CVSS7.8AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.28 views

AlmaLinux 9 : postgresql (ALSA-2024:0951)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0951 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. Th...

8CVSS7.9AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.21 views

RHEL 8 : postgresql:15 (RHSA-2024:1017)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1017 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2024/02/27 9:1 a.m.61 views

Advisory ROSA-SA-2024-2359

software: postgresql 12.16 WASP: ROSA-CHROME packageevrstring: postgresql-12.16-1.src.rpm CVE-ID: CVE-2023-2454 BDU-ID: 2023-03247 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Schema Handler component of the PostgreSQL database management system is related to access delimitation flaws...

8.8CVSS8.8AI score0.01572EPSS
Exploits0
Oracle linux
Oracle linux
added 2024/02/27 12:0 a.m.42 views

postgresql:12 security update

pgaudit 1.4.0-7 - Release bump to avoid regression in nvrs - Resolves: RHEL-24969 pgrepack postgres-decoderbufs postgresql 12.18-1.0.1 - Update to version 12.18 - Fixes CVE-2024-0985...

8CVSS7AI score0.01465EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.24 views

Oracle Linux 8 : postgresql:13 (ELSA-2024-0975)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0975 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 13.14-1.0.1 - update to 13.14 - Fixes CVE-2024-0985 Tenable has extracted the preceding description block...

8CVSS7.3AI score0.01465EPSS
Exploits0References2
Rows per page
Query Builder