Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/08 12:0 a.m.18 views

Amazon Linux 2023 : postgresql17, postgresql17-contrib, postgresql17-llvmjit (ALAS2023-2025-1158)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1158 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy...

8.8CVSS7.5AI score0.0257EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2025/09/02 5:39 a.m.10 views

postgresql: PostgreSQL executes arbitrary code in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...

8.8CVSS7.9AI score0.00385EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/08/29 8:31 a.m.2 views

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...

8.8CVSS7.8AI score0.00709EPSS
Exploits1References12
OSV
OSV
added 2025/08/29 8:31 a.m.1 views

SUSE-SU-2025:03018-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...

8.8CVSS7.8AI score0.00709EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2025/08/28 6:29 a.m.7 views

postgresql: PostgreSQL executes arbitrary code in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...

8.8CVSS7.9AI score0.00385EPSS
Exploits0References5
Rows per page
Query Builder