Lucene search
+L

27 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/07/08 7:1 a.m.11 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in postgresql 13.16-1.el9_4

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of postgresql 13.16-1.el94 Vulnerability Details CVEID:CVE-2023-39418 DESCRIPTION: A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined...

4.3CVSS6.6AI score0.00956EPSS
Exploits0Affected Software1
Rosalinux
Rosalinux
added 2024/10/03 8:57 p.m.36 views

Advisory ROSA-SA-2024-2486

Software: postgresql15 15.7 OS: rosa-server79 packageevrstring: postgresql15-15.7-1PGDG.res7 CVE-ID: CVE-2023-39418 BDU-ID: 2023-04768 CVE-Crit: LOW CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to access delimitation flaws. Exploitation of the vulnerability...

8.8CVSS8.3AI score0.04322EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/30 12:0 a.m.22 views

Oracle Linux 9 : postgresql:15 (ELSA-2024-6020)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6020 advisory. - Fix CVE-2024-0985 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 - Fixes CVE-2023-2454 and CVE-2023-2455...

8.8CVSS6.6AI score0.04322EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.24 views

openSUSE: Security Advisory for postgresql15 (SUSE-SU-2023:3347-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.01572EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.49 views

AlmaLinux 8 : postgresql:15 (ALSA-2023:7884)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7884 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-58...

8.8CVSS6.9AI score0.04322EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/20 9:43 a.m.41 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

8.8CVSS6.8AI score0.04322EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2023/12/20 12:0 a.m.42 views

postgresql:15 security update

pgaudit 1.7.0-1 - Update to 1.7.0 - Support postgresql 15 - Related: 2128241 1.5.0-1 - Update to version 1.5.0 Related: 1855776 pgrepack 1.4.8-1 - Update to version 1.4.8 - Postgresql 15 is supported - Related: 2128241 1.4.6-4 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz1991688...

8.8CVSS7.5AI score0.04322EPSS
Exploits0
OSV
OSV
added 2023/12/20 12:0 a.m.33 views

ALSA-2023:7884 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 postgresql: extension script @substitutions@...

8.8CVSS8.2AI score0.04322EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/12/20 12:0 a.m.33 views

RHEL 8 : postgresql:15 (RHSA-2023:7884)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7884 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflo...

8.8CVSS7AI score0.04322EPSS
Exploits0References12
AlmaLinux
AlmaLinux
added 2023/12/13 12:0 a.m.39 views

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 postgresql: extension script @substitutions@...

8.8CVSS8.3AI score0.04322EPSS
Exploits0References12
OSV
OSV
added 2023/12/13 12:0 a.m.39 views

ALSA-2023:7785 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 postgresql: extension script @substitutions@...

8.8CVSS8.2AI score0.04322EPSS
Exploits0References12
Debian
Debian
added 2023/11/13 9:15 p.m.46 views

[SECURITY] [DSA 5553-1] postgresql-15 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5553-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 13, 2023 https://www.debian.org/security/faq -...

8.8CVSS8.8AI score0.04322EPSS
Exploits0
OSV
OSV
added 2023/09/11 1:7 p.m.7 views

MGASA-2023-0261 Updated postgresql packages fix security vulnerability

Extension script @substitutions@ within quoting allow SQL injection. CVE-2023-39417 MERGE fails to enforce UPDATE or SELECT row security policies. CVE-2023-39418...

8.8CVSS6.8AI score0.01572EPSS
Exploits0References3
Mageia
Mageia
added 2023/09/11 1:7 p.m.52 views

Updated postgresql packages fix security vulnerability

Extension script @substitutions@ within quoting allow SQL injection. CVE-2023-39417 MERGE fails to enforce UPDATE or SELECT row security policies. CVE-2023-39418...

8.8CVSS7.9AI score0.01572EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2023-0261)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.01572EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/08/18 12:0 a.m.23 views

SUSE SLED15: libecpg6 / libecpg6-32bit / libpq5 / libpq5-32bit / postgresql15 / etc (SUSE-SU-2023:3347-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3347-1 advisory. - Update to 15.4 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions...

8.8CVSS6.8AI score0.01572EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2023/08/18 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2023:3342-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.5AI score0.01572EPSS
Exploits0References5
OSV
OSV
added 2023/08/17 12:39 p.m.8 views

SUSE-SU-2023:3347-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: - Update to 15.4 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059 - CVE-2023-39418: Fix MERGE to enforce row security. bsc1214061...

8.8CVSS7.3AI score0.01572EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2023/08/17 11:56 a.m.64 views

USN-6296-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser. CVE-2023-39417 It was discovered that PostgreSQL incorrectly handled the MERGE...

8.8CVSS7.1AI score0.01572EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/08/17 12:0 a.m.33 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : PostgreSQL vulnerabilities (USN-6296-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6296-1 advisory. It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREAT...

8.8CVSS7.2AI score0.01572EPSS
Exploits0References3
Rows per page
Query Builder