MiracleLinux 7 : postgresql-9.2.21-1.el7 (AXSA:2017-1914:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1914:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll ne...

EUVD-2017-16506

Malware in sbrugna...

Information Disclosure

PostgreSQL is vulnerable to information disclosure vulnerability. The pgusermappings access qualifications are not properly implemented. A remote authenticated user may be able to view foreign server passwords which leads to data modification...

Medium: postgresql93, postgresql94, postgresql95

Issue Overview: Selectivity estimators bypass SELECT privilege checks It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some...

ALPINE-CVE-2017-7486

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...

CVE-2017-7486

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...