CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 6 days ago•7 views

RockyLinux 9 : postgresql-jdbc (RLSA-2026:22304)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:22304 advisory. jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication CVE-2026-42198 Tenable has extracted the preceding...

7.5CVSS7.2AI score0.00043EPSS

Exploits0References3

Rockylinux•added 2026/06/02 6:3 p.m.•11 views

postgresql-jdbc security update

An update is available for postgresql-jdbc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced object-relational database management syste...

7.5CVSS7.1AI score0.00043EPSS

Exploits0

OSV•added 2026/06/02 6:3 p.m.•9 views

RLSA-2026:22304 Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...

7.5CVSS7.1AI score0.00043EPSS

Ubuntu•added 2026/06/02 12:42 p.m.•7 views

USN-8365-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly treated some variable expansion pipelines as safe in authentication filters. An attacker could possibly use this issue to perform SQL or LDAP injection attacks. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-27851 It was discovered...

9.1CVSS5.9AI score0.00021EPSS

Exploits0

RedHat Linux•added 2026/06/01 10:21 a.m.•11 views

Important: Red Hat Security Advisory: postgresql-jdbc security update

An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

OPENSUSE Linux•added 2026/06/01 12:0 a.m.•7 views

Security update for postgresql-jdbc (important)

openSUSE security update: security update for postgresql-jdbc ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20847-1 Rating: important References: bsc1264174 Cross-References: CVE-2026-42198 CVSS scores: CVE-2026-42198 SUSE : 7.5...

OSV•added 2026/05/29 4:36 p.m.•3 views

Exploits0References1

OPENSUSE-SU-2026:20847-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication bsc1264174...

7.5CVSS7.1AI score0.00043EPSS

OSV•added 2026/05/29 1:35 p.m.•4 views

OESA-2026-2501 postgresql-jdbc security update

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is an open...

7.5CVSS5.7AI score0.00043EPSS

RedhatCVE•added 2026/05/28 11:5 a.m.•6 views

CVE-2026-6478

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.7AI score0.0008EPSS

Tenable Nessus•added 2026/05/26 12:0 a.m.•9 views

SUSE SLES15 Security Update : postgresql-jdbc (SUSE-SU-2026:2028-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2028-1 advisory. This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256...

7.5CVSS5.9AI score0.00043EPSS

OSV•added 2026/05/25 8:23 a.m.•4 views

CLSA-2026-1779697425 postgresql: Fix of CVE-2026-6478

CVE-2026-6478: backport upstream prerequisite that introduces the timingsafebcmp constant-time memory comparison helper, then apply it to SCRAM and MD5 authentication paths that previously used memcmp or strcmp on password hashes, computed keys, and SCRAM nonces, to prevent timing-side-channel...

6.5CVSS5.8AI score0.0008EPSS

Exploits0References1

OSV•added 2026/05/22 1:22 p.m.•2 views

OESA-2026-2446 postgresql-jdbc security update

7.5CVSS5.7AI score0.00043EPSS

OSV•added 2026/05/22 1:22 p.m.•2 views

OESA-2026-2445 postgresql-jdbc security update

7.5CVSS7AI score0.00043EPSS

OSV•added 2026/05/22 1:22 p.m.•3 views

OESA-2026-2444 postgresql-jdbc security update

7.5CVSS7AI score0.00043EPSS

OSV•added 2026/05/22 1:22 p.m.•2 views

OESA-2026-2443 postgresql-jdbc security update

7.5CVSS7AI score0.00043EPSS

RedHat Linux•added 2026/05/20 12:47 p.m.•7 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.27.3.SP2 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

SUSE Linux•added 2026/05/20 9:8 a.m.•4 views

Exploits0References5

Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256 authentication bsc1264174. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

OSV•added 2026/05/20 9:8 a.m.•1 views

SUSE-SU-2026:2028-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256 authentication bsc1264174...