Lucene search
K

47 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0136: postgresql:13 (ALINUX3-SA-2022:0136)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0136 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-23214: It was found that a...

8.8CVSS7.2AI score0.12403EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2025/02/21 12:12 p.m.16 views

K000149918: PostgresQL vulnerability CVE-2021-3677

Security Advisory Description A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server...

6.5CVSS6.8AI score0.0142EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.37 views

Rocky Linux 8 : postgresql:12 (RLSA-2021:5235)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5235 advisory. - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker ca...

8.1CVSS7.3AI score0.01901EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.36 views

Puppet Enterprise < 2019.8.8 / 2021.x < 2021.3 PostgreSQL Vulnerability

For more information about this vulnerability, refer to the security announcements for CVE-2021-3677 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugi...

6.5CVSS7.1AI score0.0142EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/11/22 12:0 a.m.33 views

GLSA-202211-04 : PostgreSQL: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202211-04 PostgreSQL: Multiple Vulnerabilities - When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries...

8.8CVSS7.7AI score0.12403EPSS
Exploits0References12
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/08 4:36 p.m.80 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID:CVE-2021-38153 DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of "Arrays.equals" to validate a password or key. By...

7.4CVSS7.5AI score0.50445EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.40 views

SUSE SLES15: libecpg6 / libpq5 / libpq5-32bit / postgresql12 / etc (SUSE-SU-2022:2958-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2958-1 advisory. - Upgrade to 12.12: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension...

8.8CVSS6.8AI score0.12403EPSS
Exploits0References31
OpenVAS
OpenVAS
added 2022/09/01 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2022:2958-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.12403EPSS
Exploits0References17
CBLMariner
CBLMariner
added 2022/08/12 4:45 p.m.14 views

CVE-2021-3677 affecting package postgresql 12.7-2

CVE-2021-3677 affecting package postgresql 12.7-2. An upgraded version of the package is available that resolves this issue...

6.5CVSS7.4AI score0.0142EPSS
Exploits0
CBLMariner
CBLMariner
added 2022/04/26 8:17 p.m.18 views

CVE-2021-3677 affecting package postgresql for versions less than 14.2-1

CVE-2021-3677 affecting package postgresql for versions less than 14.2-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS6.9AI score0.0142EPSS
Exploits0
CVE
CVE
added 2022/03/02 12:0 a.m.435 views

CVE-2021-3677

CVE-2021-3677 is a memory disclosure flaw in PostgreSQL. A purpose-crafted query can read arbitrary server-memory bytes. In default configurations, any authenticated database user can trigger the attack without creating objects; if max_worker_processes=0, known variants are infeasible, though und...

6.5CVSS6.4AI score0.0142EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/12/30 12:0 a.m.33 views

Oracle Linux 8 : postgresql:13 (ELSA-2021-5236)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-5236 advisory. postgresql 13.5-1 - Update to 13.5 - Resolves: 2024608 Tenable has extracted the preceding description block directly from the Oracle Linux security...

8.1CVSS7AI score0.01901EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/12/21 10:1 a.m.37 views

Moderate: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.8AI score0.01901EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/12/21 10:1 a.m.44 views

Moderate: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.8AI score0.01901EPSS
Exploits0References3
OSV
OSV
added 2021/12/21 9:10 a.m.30 views

RLSA-2021:5236 Moderate: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.5. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

8.1CVSS7.8AI score0.01901EPSS
Exploits0References3
OSV
OSV
added 2021/12/21 9:10 a.m.37 views

ALSA-2021:5236 Moderate: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.5. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

8.1CVSS7.8AI score0.01901EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2021/12/21 9:10 a.m.45 views

Moderate: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.5. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

8.1CVSS7.7AI score0.01901EPSS
Exploits0References3
OSV
OSV
added 2021/12/21 9:10 a.m.30 views

ALSA-2021:5235 Moderate: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.9. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

8.1CVSS7.8AI score0.01901EPSS
Exploits0References3
OSV
OSV
added 2021/12/21 9:10 a.m.31 views

RLSA-2021:5235 Moderate: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.9. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

8.1CVSS7.8AI score0.01901EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2021/12/21 9:10 a.m.61 views

Moderate: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.9. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

8.1CVSS7.7AI score0.01901EPSS
Exploits0References3
Rows per page
Query Builder