136 matches found
TencentOS Server 3: postgresql (TSSA-2022:0181)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0181 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0043: postgresql:13 (ALINUX3-SA-2021:0043)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0043 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-32027: A flaw was found in...
ROS-2-522
2.522 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
K000151082: PostgreSQL vulnerability CVE-2021-32027
Security Advisory Description A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory...
postgresql security update
9.2.24-9.0.3 - Fixes CVE-2024-10979 where environment variable mutations Orabug: 37370704 - are incorrectly allowed from trusted PL/Perl code...
Advisory ROSA-SA-2024-2501
Software: postgresql 12.20 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.20-1.rv3 CVE-ID: CVE-2021-32027 BDU-ID: 2021-02776 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to an operation exceeding buffer boundaries during array...
Amazon Linux 2 : postgresql (ALAS-2024-2567)
The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2567 advisory. While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a...
ROS-2-1437
2.1437 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
ROS-2-1316
2.1316 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
ROS-2-876
2.876 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...
Debian dla-3651 : libecpg-compat3 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3651 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3651-1 [email protected]...
postgresql-server -- Buffer overrun from integer overflow in array modification
PostgreSQL Project reports: While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database users read a wide area of server...
Vulnerability in core server (CVE-2023-5869)
Buffer overrun from integer overflow in array modification While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL13-2023-003)
The version of postgresql installed on the remote host is prior to 13.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL13-2023-003 advisory. A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2023-004)
The version of postgresql installed on the remote host is prior to 12.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL12-2023-004 advisory. A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let...
Amazon Linux 2 : postgresql (ALASPOSTGRESQL11-2023-003)
The version of postgresql installed on the remote host is prior to 11.12-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL11-2023-003 advisory. A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let...
Important: postgresql
Issue Overview: A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as...
GLSA-202211-04 : PostgreSQL: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202211-04 PostgreSQL: Multiple Vulnerabilities - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries...
Hitachi Energy MicroSCADA X DMS600
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Hitachi Energy Equipment: DMS600 Vulnerability: Reliance on Uncontrolled Component 2. RISK EVALUATION Successful exploitation of this vulnerabilities could allow an attacker to gain unauthorized access...
Amazon Linux 2 : postgresql (ALAS-2022-1843)
The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1843 advisory. 2024-05-23: CVE-2021-32027 was added to this advisory. 2024-05-23: CVE-2023-5869 was added to this advisory. A flaw wa...