CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

175 matches found

OSV•added 2026/02/24 3:15 p.m.•1 views

SUSE-SU-2026:0614-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Update to version 16.12. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

8.8CVSS6.4AI score0.00059EPSS

Exploits3References9

Tenable Nessus•added 2026/02/23 12:0 a.m.•2 views

PostgreSQL 14.x < 14.21 / 15.x < 15.16 / 16.x < 16.12 / 17.x < 17.8 / 18.x < 18.2 Multiple Vulnerabilities

The version of PostgreSQL installed on the remote host is 14 prior to 14.21, 15 prior to 15.16, 16 prior to 16.12, 17 prior to 17.8, or 18 prior to 18.2. As such, it is potentially affected by multiple vulnerabilities: - Missing validation of multibyte character length in PostgreSQL text...

8.8CVSS6.5AI score0.00059EPSS

Exploits3References9

Tenable Nessus•added 2026/02/21 12:0 a.m.•2 views

SUSE SLES15 Security Update : postgresql16 (SUSE-SU-2026:0588-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0588-1 advisory. Update to version 16.12. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few...

8.8CVSS6.3AI score0.00059EPSS

Exploits3References13

OSV•added 2026/02/20 4:17 p.m.•1 views

SUSE-SU-2026:20588-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Update to version 15.16. Security issues fixed: - CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

8.8CVSS6.4AI score0.00061EPSS

Exploits3References13

OSV•added 2026/02/20 4:11 p.m.•1 views

SUSE-SU-2026:20587-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.21. Security issues fixed: - CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

8.8CVSS6.4AI score0.00061EPSS

Exploits3References13

SUSE Linux•added 2026/02/20 10:5 a.m.•3 views

Security update for postgresql16

This update for postgresql16 fixes the following issues: Update to version 16.12. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...

8.8CVSS6.4AI score0.00059EPSS

Exploits3References16

OSV•added 2026/02/20 10:4 a.m.•1 views

SUSE-SU-2026:0586-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: Update to version 17.8. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivity...

8.8CVSS6.3AI score0.00059EPSS

Exploits3References9

SUSE Linux•added 2026/02/20 10:3 a.m.•4 views

Security update for postgresql18

This update for postgresql18 fixes the following issues: Update to version 18.2. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...

8.8CVSS6.5AI score0.00059EPSS

Exploits3References20

OSV•added 2026/02/17 5:47 p.m.•2 views

MGASA-2026-0041 Updated postgresql15 packages fix security vulnerabilities

PostgreSQL oidvector discloses a few bytes of memory. CVE-2026-2003 PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code. CVE-2026-2004 PostgreSQL pgcrypto heap buffer overflow executes arbitrary code. CVE-2026-2005 PostgreSQL missing validation...

8.8CVSS5.9AI score0.00059EPSS

Exploits3References3

Mageia•added 2026/02/17 5:47 p.m.•7 views

Updated postgresql15 packages fix security vulnerabilities

8.8CVSS6.1AI score0.00059EPSS

Exploits3References2

OSV•added 2026/02/16 4:3 p.m.•2 views

BIT-POSTGRESQL-2026-2004 PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.1AI score0.00059EPSS

Exploits0References2

SUSE CVE•added 2026/02/13 12:26 a.m.•3 views

SUSE CVE-2026-2004

8.8CVSS6.1AI score0.00059EPSS

Exploits0References28

Tenable Nessus•added 2026/02/13 12:0 a.m.•5 views

FreeBSD : PostgreSQL -- Multiple vulnerabilities (e3afc190-0821-11f1-a857-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e3afc190-0821-11f1-a857-6cc21735f730 advisory. The PostgreSQL project reports: Improper validation of type oidvector in PostgreSQL allows a...

8.8CVSS6.5AI score0.00059EPSS

Exploits3References7

OSV•added 2026/02/12 2:16 p.m.•2 views

AZL-77583 CVE-2026-2004 affecting package postgresql for versions less than 14.21-1

8.8CVSS6.1AI score0.00059EPSS

Exploits0References1

OSV•added 2026/02/12 2:16 p.m.•0 views

AZL-77423 CVE-2026-2004 affecting package postgresql for versions less than 16.12-1

8.8CVSS6.1AI score0.00059EPSS

Exploits0References1

OSV•added 2026/02/12 2:16 p.m.•1 views

CVE-2026-2004