postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL

A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...

postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL

A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...

Kashipara Bus Ticket Reservation System SQL Injection Vulnerability

Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A SQL injection vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from the application's lack of validation of externally-entered SQL statements, and can be exploited by a remote...

RHEL 9 : postgresql (RHSA-2024:5999)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5999 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL relation replacement during pgdum...

ALSA-2024:6018 Important: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

Important: postgresql security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 For more detail...

AlmaLinux 8 : postgresql:15 (ALSA-2024:6001)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6001 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack...

ALSA-2024:6020 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 For more detail...

SQL Injection

Centreon Web is vulnerable to SQL Injection. The vulnerability is due to improper input validation in the Downtime component, which allows attackers to execute arbitrary SQL commands...

postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL

A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...

postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL

A vulnerability was found in PostgreSQL. A Race condition in pgdump allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser...

ZOHO ManageEngine ADAudit Plus SQL Injection Vulnerability (CNVD-2024-37487)

ZOHO ManageEngine ADAudit Plus is ZOHO's solution for simplifying audits, proving compliance and detecting threats. ZOHO ManageEngine ADAudit Plus prior to version 8000 suffers from a SQL injection vulnerability that can be exploited by an attacker to execute arbitrary SQL commands...

CVE-2024-45265

A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...

CVE-2024-45265

A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...

CVE-2024-45265

A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...

CVE-2024-45265

CVE-2024-45265 affects SkySystem Arfa-CMS before 5.1.3124. The vulnerability is a SQL injection in the poll component, exploitable via the psid parameter to allow remote attackers to execute arbitrary SQL commands. Root cause is improper handling of user-supplied psid data in the poll module, lea...

CVE-2024-42765

A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters...

OESA-2024-2054 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

CVE-2024-42765

A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters...