SUSE CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

UBUNTU-CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

CVE-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

CVE-2020-5945

In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability XSS. The issue allows a minor privilege escalation for resource admin to escalate to full admin...

CVE-2024-4317

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

CVE-2023-22730 Improper Input Validation of Clearance sale in cart

Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item's individuality and the user was able to bypass quantity limits in...

The new Spring Boot version validation and upgrade support in Spring Tools

New releases of Spring Boot are being released on a quite frequent schedule and updating your projects to newer versions of Spring Boot is something that many teams and organizations around the globe do as part of their daily work. Sometimes those upgrades are simple and easy, for example for new...

The new Spring Boot version validation and upgrade support in Spring Tools

New releases of Spring Boot are being released on a quite frequent schedule and updating your projects to newer versions of Spring Boot is something that many teams and organizations around the globe do as part of their daily work. Sometimes those upgrades are simple and easy, for example for new...

Octopus Server 安全漏洞

Octopus Server is an automated deployment platform. A security vulnerability exists in Octopus Server that stems from the fact that sensitive value masking will only partially work when the sensitive value is a substring of another value in the affected Octopus Server The following products and...