
146 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 1 view

Astra Linux - vulnerability in postgresql-11

Incomplete tracking of tables with row security in PostgreSQL allows a reused query to view or modify different rows than intended. CVE-2023-2455 and CVE-2016-2193 addressed most interactions between row security and changes to user IDs. However, they did not cover cases where a subquery, WITH...

5.4 CVSS, 6.7 AI score, 0.01099 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 0 views

Astra Linux - vulnerability in postgresql-11

The vulnerability of the SECURITY DEFINER function in a relational database management system like PostgreSQL is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

7.8 CVSS, 5.8 AI score
Exploits: 0, References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix the definer’s HWS_SET32 macro for negative offsets. When the bit offset of the HWS_SET32 macro is negative, UBSAN reports an out-of-bounds shift. UBSAN: out-of-bounds in...

7.8 CVSS, 6.2 AI score, 0.00115 EPSS
Exploits: 0, References: 2

OSV
added 2026/04/03 1:27 p.m., 2 views

JLSEC-2026-41

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security...

5.4 CVSS, 5.9 AI score, 0.00226 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2026/01/20 12:0 a.m., 1 view

MiracleLinux 4 : postgresql-8.4.20-8.0.1.AXS4 (AXSA:2021-1754:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1754:02 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...

8.8 CVSS, 8.1 AI score, 0.23757 EPSS
Exploits: 0, References: 4

RedhatCVE
added 2026/01/09 11:27 a.m., 3 views

CVE-2021-33204

In the pg_partman aka PG Partition Manager extension before 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because an explicit search_path is not set...

9.8 CVSS, 7.7 AI score, 0.0105 EPSS
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2004-1367

Malware in sbrugna...

7.5 CVSS, 6.2 AI score, 0.01812 EPSS
Exploits: 0, References: 9

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2010-3760

Malware in sbrugna...

6 CVSS, 6.4 AI score, 0.01124 EPSS
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2021-19916

Malware in sbrugna...

9.8 CVSS, 9.3 AI score, 0.0105 EPSS
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2012-0891

Malware in sbrugna...

6.5 CVSS, 8.7 AI score, 0.01067 EPSS
Exploits: 1, References: 23

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2007-2133

Malware in sbrugna...

6 CVSS, 7.4 AI score, 0.01654 EPSS
Exploits: 0, References: 38

EUVD
added 2025/10/03 8:7 p.m., 0 views

EUVD-2023-33940

Malicious code in bioql PyPI...

5.4 CVSS, 6.4 AI score, 0.00226 EPSS
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-45636

Malicious code in bioql PyPI...

9.8 CVSS, 9.1 AI score, 0.00077 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2025/08/30 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-33204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the pg_partman aka PG Partition Manager extension before 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because...

9.8 CVSS, 8.3 AI score, 0.0105 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/20 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-10208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitra...

8.8 CVSS, 7.8 AI score, 0.00197 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-10976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and...

7.5 CVSS, 6.3 AI score, 0.01526 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2025/05/23 4:16 a.m., 10 views

CVE-2023-41117

An issue was discovered in EnterpriseDB Postgres Advanced Server EPAS before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It contains packages, standalone packages, and functions that run SECURITY DEFINER but are inadequately secured against...

9.8 CVSS, 6.9 AI score, 0.00077 EPSS
Exploits: 0

OSV
added 2025/02/27 8:16 p.m., 1 view

DEBIAN-CVE-2025-21800

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset. When the bit offset for the HWS_SET32 macro is negative, UBSAN complains about the shift-out-of-bounds: UBSAN: shift-out-of-bounds in...

7.8 CVSS, 5.7 AI score, 0.00115 EPSS
Exploits: 0, References: 1

Amazon
added 2024/12/19 12:0 a.m., 1 view

Important: postgresql

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

8.8 CVSS, 7.2 AI score, 0.06356 EPSS
Exploits: 1

Amazon
added 2024/12/19 12:0 a.m., 1 view

Important: libpq

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

8.8 CVSS, 7.2 AI score, 0.06356 EPSS
Exploits: 1