Lucene search
K

47 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

MiracleLinux 3 : postgresql-8.1.23-6.0.1.AXS3 (AXSA:2012-1005:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-1005:03 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and...

4.9CVSS7.2AI score0.03297EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2012:1336-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.1AI score0.04972EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.30 views

Oracle: Security Advisory (ELSA-2012-1263)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.03297EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.26 views

Oracle: Security Advisory (ELSA-2012-1264)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS6.7AI score0.03297EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.19 views

Amazon Linux: Security Advisory (ALAS-2012-129)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.03297EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.34 views

SUSE SLED10 / SLES10 Security Update : PostgreSQL (SUSE-SU-2012:1336-1)

PostgreSQL was updated to the latest stable release 8.1.23, fixing various bugs and security issues. The following security issues have been fixed : - CVE-2012-3488: This update fixes arbitrary read and write of files via XSL functionality. - CVE-2012-2655: postgresql: denial of service stack...

6.5CVSS7.2AI score0.04972EPSS
Exploits3References12
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.46 views

openSUSE Security Update : postgresql / postgresql-libs (openSUSE-SU-2012:1288-1)

Security and bugfix release 9.1.5 : - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler CVE-2012-2655 bnc765069 - Fix incorrect password transformation in 'contrib/pgcrypto''s DES crypt function CVE-2012-2143 bnc766799 - Prevent access to external files/URLs via...

6.5CVSS7.5AI score0.05734EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.37 views

openSUSE Security Update : postgresql / postgresql-libs (openSUSE-SU-2012:1251-1)

Security and bugfix release 9.1.5 : - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler CVE-2012-2655 bnc765069 - Fix incorrect password transformation in 'contrib/pgcrypto''s DES crypt function CVE-2012-2143 bnc766799 - Prevent access to external files/URLs via...

6.5CVSS7.5AI score0.05734EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.59 views

openSUSE Security Update : postgresql (openSUSE-SU-2012:1299-1)

This version upgrade of PostgreSQL fixes following issues : - Bugfix release 9.0.10 : - Fix planner's assignment of executor parameters, and fix executor's rescan logic for CTE plan nodes. - Improve page-splitting decisions in GiST indexes. - Fix cascading privilege revoke to stop if privileges a...

6.5CVSS7.5AI score0.05734EPSS
Exploits3References10
OpenVAS
OpenVAS
added 2013/09/18 12:0 a.m.48 views

Debian Security Advisory DSA 2534-1 (postgresql-8.4 - several vulnerabilities)

Two vulnerabilities related to XML processing were discovered in PostgreSQL, an SQL database. CVE-2012-3488contrib/xml2's xsltprocess can be used to read and write external files and URLs. CVE-2012-3489xmlparse fetches external files or URLs to resolve DTD and entity references in XML values. Thi...

4.9CVSS0.1AI score0.03297EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2013/09/18 12:0 a.m.17 views

Debian: Security Advisory (DSA-2534-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.03297EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.34 views

Amazon Linux AMI : postgresql9 (ALAS-2012-121)

The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to...

4.9CVSS7.4AI score0.03297EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.31 views

Amazon Linux AMI : postgresql8 (ALAS-2012-129)

It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges of the database server when parsing Extensible Stylesheet Language Transformations XSLT. An unprivileged database user could use this flaw to read and...

6.5CVSS7.3AI score0.03297EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2013/04/08 12:0 a.m.37 views

Fedora Update for postgresql FEDORA-2013-5000

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.4AI score0.54312EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2012/12/28 12:0 a.m.63 views

PostgreSQL 8.3 < 8.3.20 / 8.4 < 8.4.13 / 9.0 < 9.0.9 / 9.1 < 9.1.5 Multiple Vulnerabilities

The version of PostgreSQL installed on the remote host is 8.3.x prior to 8.3.20, 8.4.x prior to 8.4.13, 9.0.x prior to 9.0.9, or 9.1.x prior to 9.1.5. It therefore is potentially affected by multiple vulnerabilities : - A flaw in contrib/xml2's xsltprocess can be used to read and write arbitrary...

6.5CVSS7.3AI score0.03297EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2012/10/15 12:0 a.m.57 views

SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 8311)

PostgreSQL was updated to the latest stable release 8.1.23, fixing various bugs and security issues. The following security issues have been fixed : - This update fixes arbitrary read and write of files via XSL functionality. CVE-2012-3488 - postgresql: denial of service stack exhaustion via...

6.5CVSS7.2AI score0.04972EPSS
Exploits3References8
CVE
CVE
added 2012/10/03 9:0 p.m.176 views

CVE-2012-3488

CVE-2012-3488 affects PostgreSQL’s libxslt support in contrib/xml2 across multiple versions (8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, 9.1 before 9.1.5). The vulnerability arises from insufficient restriction of files/URLs via libxslt or XML External Entity processing (XXE) in the x...

4.9CVSS6.4AI score0.03297EPSS
Exploits1References24Affected Software1
OpenVAS
OpenVAS
added 2012/10/03 12:0 a.m.41 views

Gentoo Security Advisory GLSA 201209-24 (PostgreSQL)

The remote host is missing updates announced in advisory GLSA 201209-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

6.8CVSS0.4AI score0.05734EPSS
Exploits4
Amazon
Amazon
added 2012/09/22 12:0 a.m.43 views

Medium: postgresql8

Issue Overview: It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges of the database server when parsing Extensible Stylesheet Language Transformations XSLT. An unprivileged database user could use this fla...

6.5CVSS7.7AI score0.03297EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2012/09/17 12:0 a.m.22 views

RedHat Update for postgresql RHSA-2012:1264-01

Check for the Version of postgresql OpenVAS Vulnerability Test RedHat Update for postgresql RHSA-2012:1264-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

4.9CVSS7AI score0.03297EPSS
Exploits1References2
Rows per page
Query Builder