187 matches found
postgresql:13 security update
An update is available for postgres-decoderbufs, postgresql, pgrepack, module.postgresql, module.postgres-decoderbufs, pgaudit, module.pgrepack, module.pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: postgresql:13 security update
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ALSA-2024:0973 Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
U.S. Dept Of Defense: DBMS information getting exposed publicly on -- [ ██████████ ]
A public file was found that exposed sensitive data from the website's database, including hashed user information and other configuration details. The file contained SQL statements that could be used to access the database, potentially revealing confidential data...
postgresql security update
CentOS Errata and Security Advisory CESA-2023:7783 An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Binary Vulnerability in Damon Database Management System DM8
Damon database management system DM8 is a new generation of large-scale general-purpose relational database, fully supports SQL standards and mainstream programming language interfaces/development frameworks. A binary vulnerability exists in Damon Database Management System DM8, which can be...
CVE-2023-41120
An issue was discovered in EnterpriseDB Postgres Advanced Server EPAS before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It permits an authenticated user to use DBMSPROFILER to remove all accumulated profiling data on a system-wide basis,...
PT-2023-27804 · Enterprisedb · Enterprisedb Postgres Advanced Server
Name of the Vulnerable Software and Affected Versions: EnterpriseDB Postgres Advanced Server EPAS versions prior to 11.21.32 EnterpriseDB Postgres Advanced Server EPAS versions 12.x prior to 12.16.20 EnterpriseDB Postgres Advanced Server EPAS versions 13.x prior to 13.12.16 EnterpriseDB Postgres...
EnterpriseDB Postgres Advanced Server Security Vulnerability
EnterpriseDB Postgres Advanced Server EPAS is an application from EnterpriseDB, Inc. used to extend the functionality of Postgres databases. A security vulnerability exists in EnterpriseDB Postgres Advanced Server that originates from allowing an authenticated user to delete all accumulated...
postgresql:13 security update
An update is available for pgrepack, module.pgaudit, postgres-decoderbufs, module.pgrepack, module.postgres-decoderbufs, pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
postgresql:12 security update
An update is available for module.pgaudit, postgresql, pgaudit, module.pgrepack, module.postgres-decoderbufs, pgrepack, module.postgresql, postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Moderate: Red Hat Security Advisory: postgresql:15 security update
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2023-2567
A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality. Authenticated users may be able to execute arbitrary SQL statements on the DBMS used by the web application...
CVE-2023-29245
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
Sql injection
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application. Authenticated users can extract...
Sql injection
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
CVE-2023-29245 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
CVE-2023-2567 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0
A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality. Authenticated users may be able to execute arbitrary SQL statements on the DBMS used by the web application...
CVE-2023-21521
An SQL Injection vulnerability in the Management Console Operator Audit Trail of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data Insert/Update/Delete, execute administration operations on the database, recover the...
CVE-2023-38905
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PGSleep, DBMSLock.Sleep, Waitfor, DECODE, and DBMSPIPE.RECEIVEMESSAGE functions...