13181 matches found
CVE-2024-39843
A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via create user form inputs...
CVE-2024-39843
A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via create user form inputs...
CVE-2024-39842
A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs...
CVE-2024-39843
Centreon 24.04.2 is affected by a SQL injection vulnerability that allows a remote attacker to execute arbitrary SQL commands via the create user form inputs. Multiple sources describe the flaw as arising from lack of input validation when building SQL queries, enabling privilege escalation in af...
postgresql:16 security update
An update is available for postgres-decoderbufs, pgaudit, module.pgaudit, module.postgres-decoderbufs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL...
RLSA-2024:5927 Important: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 For more detail...
MGASA-2024-0301 Updated postgresql15 & postgresql13 packages fix security vulnerability
Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...
Rocky Linux 8 : postgresql:16 (RLSA-2024:5927)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5927 advisory. postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during pgdump...
ROS-20240911-21
A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...
ROS-20240911-19
A vulnerability in the pgdump utility of the PostgreSQL database management system is related to the dereferencing of a null pointer due to competitive access to a resource race condition. pointer due to competitive access to a resource race condition. Exploitation of the vulnerability could allo...
postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL
A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...
SUSE-SU-2024:3192-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: - Upgrade to 13.16 bsc1229013 - CVE-2024-7348: PostgreSQL relation replacement during pgdump executes arbitrary SQL. bsc1229013...
SUSE-SU-2024:3191-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: - Upgrade to 12.20 bsc1229013 - CVE-2024-7348: PostgreSQL relation replacement during pgdump executes arbitrary SQL. bsc1229013...
SUSE: Security Advisory (SUSE-SU-2024:3181-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3169-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: - Upgrade to 14.13 bsc1229013 - CVE-2024-7348: PostgreSQL relation replacement during pgdump executes arbitrary SQL. bsc1229013...
postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL
A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...
postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL
A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...
postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL
A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...
Important: Red Hat Security Advisory: postgresql security update
An update for postgresql is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL
A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...