Lucene search
K

187 matches found

Rockylinux
Rockylinux
added 2024/03/12 3:42 p.m.48 views

postgresql:13 security update

An update is available for postgres-decoderbufs, postgresql, pgrepack, module.postgresql, module.postgres-decoderbufs, pgaudit, module.pgrepack, module.pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8CVSS8.2AI score0.01465EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/02/26 3:36 a.m.34 views

Important: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8CVSS7.3AI score0.01465EPSS
Exploits0References2
OSV
OSV
added 2024/02/26 12:0 a.m.23 views

ALSA-2024:0973 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

8CVSS8.3AI score0.01465EPSS
Exploits0References4
Hacker One
Hacker One
added 2024/02/11 6:3 p.m.28 views

U.S. Dept Of Defense: DBMS information getting exposed publicly on -- [ ██████████ ]

A public file was found that exposed sensitive data from the website's database, including hashed user information and other configuration details. The file contained SQL statements that could be used to access the database, potentially revealing confidential data...

7.3AI score
Exploits0
Cent OS
Cent OS
added 2024/01/12 7:13 p.m.1206 views

postgresql security update

CentOS Errata and Security Advisory CESA-2023:7783 An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.8CVSS7.2AI score0.04322EPSS
Exploits0References7
CNVD
CNVD
added 2024/01/10 12:0 a.m.13 views

Binary Vulnerability in Damon Database Management System DM8

Damon database management system DM8 is a new generation of large-scale general-purpose relational database, fully supports SQL standards and mainstream programming language interfaces/development frameworks. A binary vulnerability exists in Damon Database Management System DM8, which can be...

7.6AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/12/12 7:15 a.m.4 views

CVE-2023-41120

An issue was discovered in EnterpriseDB Postgres Advanced Server EPAS before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It permits an authenticated user to use DBMSPROFILER to remove all accumulated profiling data on a system-wide basis,...

6.5CVSS5.8AI score0.00526EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.6 views

PT-2023-27804 · Enterprisedb · Enterprisedb Postgres Advanced Server

Name of the Vulnerable Software and Affected Versions: EnterpriseDB Postgres Advanced Server EPAS versions prior to 11.21.32 EnterpriseDB Postgres Advanced Server EPAS versions 12.x prior to 12.16.20 EnterpriseDB Postgres Advanced Server EPAS versions 13.x prior to 13.12.16 EnterpriseDB Postgres...

6.5CVSS6.3AI score0.00526EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/12 12:0 a.m.6 views

EnterpriseDB Postgres Advanced Server Security Vulnerability

EnterpriseDB Postgres Advanced Server EPAS is an application from EnterpriseDB, Inc. used to extend the functionality of Postgres databases. A security vulnerability exists in EnterpriseDB Postgres Advanced Server that originates from allowing an authenticated user to delete all accumulated...

6.5CVSS6.6AI score0.00526EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2023/12/06 11:16 p.m.29 views

postgresql:13 security update

An update is available for pgrepack, module.pgaudit, postgres-decoderbufs, module.pgrepack, module.postgres-decoderbufs, pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.8CVSS6.8AI score0.04322EPSS
Exploits0
Rockylinux
Rockylinux
added 2023/10/06 11:10 p.m.62 views

postgresql:12 security update

An update is available for module.pgaudit, postgresql, pgaudit, module.pgrepack, module.postgres-decoderbufs, pgrepack, module.postgresql, postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.2CVSS6.7AI score0.0119EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/09/19 2:43 p.m.23 views

Moderate: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.2CVSS6.7AI score0.0119EPSS
Exploits0References3
NVD
NVD
added 2023/09/19 11:16 a.m.19 views

CVE-2023-2567

A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality. Authenticated users may be able to execute arbitrary SQL statements on the DBMS used by the web application...

8.8CVSS8.1AI score0.00504EPSS
Exploits0References1
NVD
NVD
added 2023/09/19 11:16 a.m.22 views

CVE-2023-29245

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...

9.2CVSS8.5AI score0.00499EPSS
Exploits0References1
Prion
Prion
added 2023/09/19 11:16 a.m.15 views

Sql injection

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. Authenticated users can extract...

4CVSS7AI score0.00504EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2023/09/19 11:16 a.m.13 views

Sql injection

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...

4CVSS7.9AI score0.00499EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2023/09/19 10:4 a.m.25 views

CVE-2023-29245 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0

A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...

9.2CVSS8.7AI score0.00499EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/19 10:3 a.m.23 views

CVE-2023-2567 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0

A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality. Authenticated users may be able to execute arbitrary SQL statements on the DBMS used by the web application...

8.8CVSS8.1AI score0.00504EPSS
Exploits0References1
NVD
NVD
added 2023/09/12 7:15 p.m.30 views

CVE-2023-21521

An SQL Injection vulnerability in the Management Console Operator Audit Trail of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data Insert/Update/Delete, execute administration operations on the database, recover the...

7.2CVSS7.4AI score0.0049EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/08/17 7:15 p.m.4 views

CVE-2023-38905

SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PGSleep, DBMSLock.Sleep, Waitfor, DECODE, and DBMSPIPE.RECEIVEMESSAGE functions...

5.5CVSS5.8AI score0.00277EPSS
Exploits1References3
Rows per page
Query Builder