Security update for postgresql14

This update for postgresql14 fixes the following issues Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against malicious time zone names...

Vulnerability in contrib module (CVE-2026-2004)

PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the...

Vulnerability in contrib module (CVE-2026-2007)

PostgreSQL pgtrgm heap buffer overflow writes pattern onto server memory Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the...

DRUPAL-CORE-2025-004

Drupal core Link field attributes are not sufficiently sanitized, which can lead to a Cross Site Scripting vulnerability XSS. This vulnerability is mitigated by that fact that an attacker would need to have the ability to add specific attributes to a Link field, which typically requires edit acce...

Debian: Security Advisory (DSA-2157-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-FW3X-2PR2-5J64 GeSHi vulnerable to Directory Traversal

Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...

DRUPAL-CONTRIB-2019-058

This module enables you to customize meta tags to help with a site's search engine ranking and improve the display of page summaries when shared on social networks. The module doesn't sufficiently check for a site being in maintenance mode. This vulnerability is mitigated by the fact that the sit...

DRUPAL-CONTRIB-2019-019

This resolves issues described in SA-CORE-2019-003 for this module...

Vulnerability in contrib module (CVE-2018-1115)

Too-permissive access control list on function pglogfilerotate...

Vulnerability in contrib module (CVE-2017-12172)

Start scripts permit database administrator to modify root-owned files...

CVE-2012-3521

Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. dot dot in the 1 geshi-path or 2 geshi-lang-path parameter...

Vulnerability in contrib module (CVE-2014-0066)

Potential null pointer dereference crash when crypt3 returns NULL...

Amazon Linux AMI : postgresql8 (ALAS-2013-244)

An array index error, leading to a heap-based out-of-bounds buffer read flaw, was found in the way PostgreSQL performed certain error processing using enumeration types. An unprivileged database user could issue a specially crafted SQL query that, when processed by the server component of the...

RedHat Update for postgresql and postgresql84 RHSA-2013:1475-01

Check for the Version of postgresql and postgresql84 OpenVAS Vulnerability Test RedHat Update for postgresql and postgresql84 RHSA-2013:1475-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Updated php-geshi package fix security vulnerabilities

A directory traversal and information disclosure local file inclusion flaws were found in the cssgen contrib module application to generate custom CSS files of GeSHi, a generic syntax highlighter, performed sanitization of 'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote...

Vulnerability in contrib module (CVE-2013-1900)

Random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess...

Vulnerability in contrib module (CVE-2012-3488)

contrib/xml2's xsltprocess can be used to read and write arbitrary files...

CentOS Update for postgresql CESA-2012:1264 centos5

Check for the Version of postgresql OpenVAS Vulnerability Test CentOS Update for postgresql CESA-2012:1264 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS 5 : postgresql (CESA-2012:1264)

Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CentOS Update for postgresql CESA-2012:1036 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...