Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-10936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was...

8.1CVSS7.5AI score0.0291EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.27 views

RHEL 7 : postgresql-jdbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes CVE-2022-21724 - A weakness...

9.8CVSS8.8AI score0.0301EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.18 views

RHEL 8 : postgresql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - PostgreSQL: Postgres JDBC driver does not perform host name validation by default CVE-2018-10936 -...

9.1AI score0.0291EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.3 views

SUSE CVE-2018-10936

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by...

8.1CVSS6.7AI score0.0291EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/27 8:42 a.m.54 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities (CVE-2018-1058, CVE-2018-10936, CVE-2019-9193)

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerabilities 3 issues for Postgresql: 1 for a flaw in the searchpath setting2, 1 for a failure to check the host name if a host name verifier was not provided to the driver and...

9CVSS1.6AI score0.91877EPSS
Exploits18Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/22 10:30 p.m.34 views

Security Bulletin: IBM Security Information Queue uses database components with known vulnerabilities (CVE-2016-3506, CVE-2018-1058, CVE-2018-10936, CVE-2019-9193)

Summary IBM Security Information Queue ISIQ relies on older Oracle JDBC and PostgreSQL JAR files that have known vulnerabilities. As of v1.0.5, ISIQ switched to newer, secure versions of the JAR files. Vulnerability Details CVEID: CVE-2016-3506 DESCRIPTION: Unspecified vulnerability in the JDBC...

9CVSS0.4AI score0.91877EPSS
Exploits18Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/13 12:0 a.m.27 views

Fedora 29 : postgresql-jdbc (2019-7d0d59764e)

new upstream version, to fix CVE-2018-10936 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

8.1CVSS7.6AI score0.0291EPSS
Exploits0References2
CVE
CVE
added 2018/08/30 1:0 p.m.122 views

CVE-2018-10936

CVE-2018-10936 affects the PostgreSQL JDBC driver prior to 42.2.5. If an SSL Factory is provided and no host name verifier is configured, the driver might skip host name verification, enabling a MITM attacker to impersonate a trusted server with a CA-signed certificate. The risk is constrained to...

8.1CVSS7.6AI score0.0291EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder