Lucene search
+L

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-20229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all...

4.3CVSS6.1AI score0.01466EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.8 views

RHEL 7 : postgresql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: Uncontrolled search path element in pgdump and other client applications CVE-2018-1058 - It w...

8.8CVSS7.8AI score0.14142EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.26 views

Puppet Enterprise < 2019.8.6 PostgreSQL Vulnerabilities

For more information about these vulnerabilities, refer to the Postgresql News Page. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin were extracted...

4.3CVSS5.2AI score0.01466EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2021-0121)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.1AI score0.01466EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2022/01/24 12:0 a.m.26 views

GLSA-202105-32 : PostgreSQL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202105-32 PostgreSQL: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact : An authenticated remote attacker, by executing...

4.3CVSS5.7AI score0.01466EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2021:0543-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.1AI score0.01466EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/26 5:57 a.m.20 views

Security Bulletin: Security Bypass Vulnerability in PostgreSQL Affects IBM Connect:Direct Web Services (CVE-2021-20229)

Summary Security bypass vulnerability in PostgreSQL versions used by IBM Connect:Direct Web Services. IBM Connect:Direct Web Services has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-20229 DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to obtain...

4.3CVSS1.3AI score0.01466EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2021:0545-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.4AI score0.01466EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2021/04/09 12:0 a.m.64 views

PostgreSQL 11.x < 11.11 / 12.x < 12.6 / 13.x < 13.2 Multiple Vulnerabilities

The version of PostgreSQL installed on the remote host is 11 prior to 11.11, 12 prior to 12.6, or 13 prior to 13.2. As such, it is potentially affected by multiple vulnerabilities : - An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user...

4.3CVSS5.7AI score0.01466EPSS
Exploits2References5
OSV
OSV
added 2021/04/07 11:2 a.m.1 views

OESA-2021-1124 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

4.3CVSS7.3AI score0.01466EPSS
Exploits0References2
Mageia
Mageia
added 2021/03/12 1:25 a.m.49 views

Updated postgresql packages fix security vulnerabilities

A user having an UPDATE privilege on a partitioned table but lacking the SELECT privilege on some column may be able to acquire denied-column values from an error message CVE-2021-3393. A user having a SELECT privilege on an individual column can craft a special query that returns all columns of...

4.3CVSS2.8AI score0.01466EPSS
Exploits2References2
CVE
CVE
added 2021/02/23 5:40 p.m.287 views

CVE-2021-20229

CVE-2021-20229 – Summary (based on provided sources): PostgreSQL versions before 13.2 are vulnerable to a confidentiality flaw where a user with SELECT privilege on a single column can craft a query that returns all columns in a table. The issue is discussed across multiple advisories (IBM Securi...

4.3CVSS4.4AI score0.01466EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2021/02/23 5:40 p.m.28 views

CVE-2021-20229

A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality...

4.3CVSS4.6AI score0.01466EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/02/23 12:0 a.m.30 views

SUSE SLED15 / SLES15 Security Update : postgresql13 (SUSE-SU-2021:0543-1)

This update for postgresql13 fixes the following issues : Upgrade to version 13.2 : - Updating stored views and reindexing might be needed after applying this update. - CVE-2021-3393, bsc1182040: Fix information leakage in constraint-violation error messages. - CVE-2021-20229, bsc1182039: Fix...

4.3CVSS5.6AI score0.01466EPSS
Exploits2References8
ArchLinux
ArchLinux
added 2021/02/20 12:0 a.m.213 views

[ASA-202102-31] postgresql: information disclosure

Arch Linux Security Advisory ASA-202102-31 ========================================== Severity: Medium Date : 2021-02-20 CVE-ID : CVE-2021-3393 CVE-2021-20229 Package : postgresql Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-1567 Summary ======= The package...

4.3CVSS7.7AI score0.01466EPSS
Exploits2References6
ALT Linux
ALT Linux
added 2021/02/11 12:0 a.m.61 views

Security fix for the ALT Linux 10 package postgresql13 version 13.2-alt1

Feb. 11, 2021 Alexei Takaseev 13.2-alt1 - 13.2 Fixes CVE-2021-20229, CVE-2021-3393...

4CVSS5.3AI score0.01466EPSS
Exploits2
Kaspersky
Kaspersky
added 2021/02/11 12:0 a.m.37 views

KLA12088 Multiple vulnerabilities in PostgreSQL

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A security bypass vulnerability in SELECT privilege can be exploited to bypass securi...

4.3CVSS5.9AI score0.01466EPSS
Exploits2References3
ALT Linux
ALT Linux
added 2021/02/11 12:0 a.m.85 views

Security fix for the ALT Linux 10 package postgresql15 version 13.2-alt1

Feb. 11, 2021 Alexei Takaseev 13.2-alt1 - 13.2 Fixes CVE-2021-20229, CVE-2021-3393...

4CVSS5.3AI score0.01466EPSS
Exploits2
ALT Linux
ALT Linux
added 2021/02/11 12:0 a.m.76 views

Security fix for the ALT Linux 10 package postgresql14 version 13.2-alt1

Feb. 11, 2021 Alexei Takaseev 13.2-alt1 - 13.2 Fixes CVE-2021-20229, CVE-2021-3393...

4CVSS5.3AI score0.01466EPSS
Exploits2
Prion
Prion
added 2020/07/15 6:15 p.m.40 views

Design/Logic Flaw

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

3.5CVSS5.1AI score0.02221EPSS
Exploits0References7Affected Software4
Rows per page
Query Builder