4204 matches found

OSV
added 2026/03/06 12:41 p.m., 0 views

OESA-2026-1493 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

CVSS 8.8, AI score 6.3, EPSS 0.00059
Exploits 3, References 5

Tenable Nessus
added 2026/03/06 12:0 a.m., 2 views

Python Library OpenEXR 2.3.x / 3.x < 3.2.6 / 3.3.x < 3.3.8 / 3.4.x < 3.4.6 Heap Buffer Overflow

The version of the OpenEXR Python package installed on the remote host is 2.3.x or 3.x prior to 3.2.6, 3.3.x prior to 3.3.8, or 3.4.x prior to 3.4.6. It is, therefore, affected by a heap buffer overflow vulnerability: - In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in a...

CVSS 8.4, AI score 6, EPSS 0.00023
Exploits 2, References 2

Tenable Nessus
added 2026/03/06 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-27622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In...

CVSS 8.4, AI score 5.8, EPSS 0.00023
Exploits 2, References 3

Tenable Nessus
added 2026/03/06 12:0 a.m., 8 views

Amazon Linux 2023 : postgresql16, postgresql16-contrib, postgresql16-llvmjit (ALAS2023-2026-1458)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1458 advisory. Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of...

CVSS 8.8, AI score 6.3, EPSS 0.00059
Exploits 3, References 10

RedHat Linux
added 2026/03/05 1:16 p.m., 1 views

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

CVSS 8.8, AI score 6.3, EPSS 0.00039
Exploits 0, References 5

SUSE CVE
added 2026/03/05 6:50 a.m., 0 views

SUSE CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 7.8, AI score 5.8, EPSS 0.00023
Exploits 2, References 7

Amazon
added 2026/03/05 12:0 a.m., 3 views

Important: postgresql17

Issue Overview: Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before...

CVSS 8.8, AI score 6.5, EPSS 0.00059
Exploits 3

OSV
added 2026/03/04 3:39 p.m., 5 views

CLSA-2026-1772638779 cups-filters: Fix of CVE-2025-57812

CVE-2025-57812: fix out-of-bounds read/write when processing crafted TIFF images; validate bytes-per-pixel and use correct pixel buffer size, preventing memory access outside the buffer...

CVSS 3.7, AI score 5.9, EPSS 0.00026
Exploits 1, References 1

RedHat Linux
added 2026/03/04 2:32 p.m., 3 views

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

CVSS 8.8, AI score 6.3, EPSS 0.00039
Exploits 0, References 5

Redos
added 2026/03/04 12:0 a.m., 3 views

ROS-20260304-73-0019

A vulnerability in the readstring function of the hwmon component of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 5.5, AI score 7.2, EPSS 0.00057
Exploits 0

Tenable Nessus
added 2026/03/04 12:0 a.m., 3 views

TencentOS Server 4: postgresql (TSSA-2026:0125)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0125 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 8.8, AI score 6.3, EPSS 0.00059
Exploits 3, References 5

OSV
added 2026/03/03 11:15 p.m., 0 views

DEBIAN-CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 8.4, AI score 5.3, EPSS 0.00023
Exploits 2, References 1

NVD
added 2026/03/03 11:15 p.m., 2 views

CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 8.4, EPSS 0.00023
Exploits 2, References 1

UbuntuCve
added 2026/03/03 11:15 p.m., 1 views

CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 8.4, AI score 5.9, EPSS 0.00023
Exploits 2, References 3

OSV
added 2026/03/03 11:15 p.m., 2 views

UBUNTU-CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 8.4, AI score 5.8, EPSS 0.00023
Exploits 2, References 4

ATTACKERKB
added 2026/03/03 10:42 p.m., 2 views

CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 8.4, AI score 5.9, EPSS 0.00023
Exploits 2, References 2, Affected Software 1

Debian CVE
added 2026/03/03 10:42 p.m., 4 views

CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 8.4, AI score 5.3, EPSS 0.00023
Exploits 2

AlpineLinux
added 2026/03/03 10:42 p.m., 2 views

CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 8.4, AI score 5.9, EPSS 0.00023
Exploits 2, References 1

EUVD
added 2026/03/03 10:42 p.m., 0 views

EUVD-2026-9342

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

CVSS 8.4, AI score 5.9, EPSS 0.00023
Exploits 2, References 1

SUSE Linux
added 2026/03/03 1:10 p.m., 2 views

Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclosure of a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...

CVSS 8.8, AI score 6.5, EPSS 0.00059
Exploits 3, References 18