Lucene search
+L

12 matches found

Rockylinux
Rockylinux
added 2026/06/28 12:1 a.m.7 views

libpq security update

An update is available for libpq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libpq package provides the PostgreSQL client library, which allows client...

3.7CVSS6.6AI score0.00616EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-37159

Name of the Vulnerable Software and Affected Versions pgx versions prior to 5.9.2 Description SQL injection can occur when the non-default simple protocol is used in conjunction with a dollar quoted string literal in the SQL query. If that string literal contains text that would be interpreted as...

9.8CVSS5.8AI score0.00356EPSS
Exploits0References271
Snyk
Snyk
added 2026/02/12 1:55 p.m.4 views

Improper Validation of Specified Type of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via improper validation of the oidvector type. An attacker can access a few bytes of server memory by crafting specific database queries. Remediation Upgrade libpq to version 14.22, 15.17,...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References2
OSV
OSV
added 2026/01/16 12:18 p.m.13 views

CLSA-2026-1768565904 libpq: Fix of CVE-2025-12818

Update to 13.23 - CVE-2025-12818: fix integer overflow in allocation-size calculations...

5.9CVSS6.8AI score0.00332EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

RHEL 8 : libpq (RHSA-2026:0695)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0695 advisory. The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql:...

5.9CVSS5.6AI score0.00332EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/14 1:0 p.m.21 views

CVE-2025-8715 PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server

Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8CVSS0.00412EPSS
Exploits0References1
OSV
OSV
added 2025/05/30 1:48 p.m.4 views

OESA-2025-1568 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

5.9CVSS7.5AI score0.00637EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:16 a.m.9 views

CVE-2019-15534

Raml-Module-Builder 26.4.0 allows SQL Injection in PostgresClient.update...

9.8CVSS8.2AI score0.01421EPSS
Exploits0References1
OSV
OSV
added 2025/02/28 3:34 p.m.8 views

OESA-2025-1228 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

8.1CVSS8.1AI score0.89914EPSS
Exploits10References2
OSV
OSV
added 2020/08/12 4:15 p.m.5 views

DEBIAN-CVE-2020-17446

asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...

9.8CVSS9AI score0.02417EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/28 12:0 a.m.2 views

Raml-Module-Builder SQL Injection Vulnerability

Raml-Module-Builder is a framework that allows the creation of modules based on RAML files. A SQL injection vulnerability exists in PostgresClient.update in Raml-Module-Builder version 26.4.0, which can be exploited by an attacker to execute illegal SQL commands...

9.8CVSS8.2AI score0.01421EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/08/23 3:18 p.m.10 views

postgresql: Certain host connection parameters defeat client-side security defenses

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side...

8.5CVSS7.3AI score0.05154EPSS
Exploits0References5
Rows per page
Query Builder