Lucene search
K

89 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/28 12:0 a.m.22 views

AlmaLinux 9 : postgresql:15 (ALSA-2024:0950)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0950 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block directly...

8CVSS7.8AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.37 views

Oracle Linux 8 : postgresql:15 (ELSA-2024-0973)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0973 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.6-1 - update to 15.6 - Fixes CVE-2024-0985 Tenable has extracted the preceding description block directly fr...

8CVSS7.3AI score0.01465EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/02/26 7:53 p.m.52 views

Important: Red Hat Security Advisory: rh-postgresql12-postgresql security update

An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8CVSS7.3AI score0.01465EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/02/26 7:53 p.m.4 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

8CVSS7.5AI score0.01465EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/26 7:51 p.m.5 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

8CVSS7.5AI score0.01465EPSS
Exploits0References4
OSV
OSV
added 2024/02/26 1:40 p.m.6 views

USN-6656-1 postgresql-12, postgresql-14, postgresql-15 vulnerability

It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL...

8CVSS7.4AI score0.01465EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/02/26 3:3 a.m.6 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

8CVSS7.5AI score0.01465EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/26 1:47 a.m.87 views

Important: Red Hat Security Advisory: postgresql:10 security update

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8CVSS7.3AI score0.01465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/26 12:0 a.m.20 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : PostgreSQL vulnerability (USN-6656-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6656-1 advisory. It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a...

8CVSS7.8AI score0.01465EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2024/02/26 12:0 a.m.35 views

Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/22 4:31 p.m.3 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

8CVSS7.5AI score0.01465EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/02/22 3:50 p.m.3 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

8CVSS7.5AI score0.01465EPSS
Exploits0References4
OSV
OSV
added 2024/02/22 12:0 a.m.13 views

ALSA-2024:0950 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS8.3AI score0.01465EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/21 12:0 a.m.18 views

SUSE SLES12: libecpg6 / libecpg6-32bit / libpq5 / libpq5-32bit / postgresql16 / etc (SUSE-SU-2024:0546-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0546-1 advisory. Upgrade to 16.2: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679. Tenable has...

8CVSS7.2AI score0.01465EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/02/21 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2024:0551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8CVSS7.8AI score0.01465EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/21 12:0 a.m.25 views

SUSE SLED15: libecpg6 / libecpg6-32bit / libpq5 / libpq5-32bit / postgresql16 / etc (SUSE-SU-2024:0550-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0550-1 advisory. Upgrade to 16.2: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW...

8CVSS7.2AI score0.01465EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/21 12:0 a.m.21 views

SUSE SLES12: postgresql13 / postgresql13-contrib / postgresql13-devel / etc (SUSE-SU-2024:0541-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0541-1 advisory. Upgrade to 13.14: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679. Tenable has...

8CVSS7.2AI score0.01465EPSS
Exploits0References4
OSV
OSV
added 2024/02/20 3:4 p.m.2 views

SUSE-SU-2024:0541-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.14: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...

8CVSS7.8AI score0.01465EPSS
Exploits0References3
OSV
OSV
added 2024/02/20 3:4 p.m.4 views

SUSE-SU-2024:0540-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.11: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...

8CVSS7.8AI score0.01465EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/02/17 12:0 a.m.11 views

SUSE SLES15: postgresql12 / postgresql12-contrib / postgresql12-devel / etc (SUSE-SU-2024:0523-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0523-1 advisory. Upgrade to 12.18: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679...

8CVSS7.2AI score0.01465EPSS
Exploits0References4
Rows per page
Query Builder