22 matches found
EUVD-2018-11705
Malware in sbrugna...
EUVD-2019-2171
Malware in sbrugna...
SUSE CVE-2007-5970
MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the us...
SUSE CVE-2018-1052
Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table...
openSUSE 15 Security Update : postgresql12 (openSUSE-SU-2021:1994-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1994-1 advisory. - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certai...
RHEL 7 : rh-postgresql12-postgresql (RHSA-2021:2394)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2394 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream...
postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING
A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality...
Important: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.7 Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memory...
PostgreSQL 9.6.x < 9.6.22 / 10.x < 10.17 / 11.x < 11.12 / 12.x < 12.7 / 13.x < 13.3 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 9.6 prior to 9.6.22, 10 prior to 10.17, 11 prior to 11.12, 12 prior to 12.7, or 13 prior to 13.3. As such, it is potentially affected by multiple vulnerabilities : - Buffer overrun from integer overflow in array subscripting calculations...
Updated postgresql packages fix security vulnerabilities
Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027. Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE. CVE-2021-32028. Memory disclosure in partitioned-table UPDATE ... RETURNING. CVE-2021-32029...
FreeBSD : PostgreSQL -- Memory disclosure in partitioned-table UPDATE ... RETURNING (76e0bb86-b4cb-11eb-b9c9-6cc21735f730)
The PostgreSQL project reports : Using an UPDATE ... RETURNING on a purpose-crafted partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can create prerequisite objects and complete this attack at will. A user...
Information Disclosure
postgresql is vulnerable to information disclosure. An attacker can read arbitrary bytes of server memory using the UPDATE ... RETURNING statements on a purpose-crafted partitioned table...
Vulnerability in core server (CVE-2021-32029)
Memory disclosure in partitioned-table UPDATE ... RETURNING Using an UPDATE ... RETURNING on a purpose-crafted partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can create prerequisite objects and complete this...
PostgreSQL -- Memory disclosure in partitioned-table UPDATE ... RETURNING
The PostgreSQL project reports: Using an UPDATE ... RETURNING on a purpose-crafted partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can create prerequisite objects and complete this attack at will. A user lacki...
PostgreSQL 11.x < 11.3 Memory Disclosure Vulnerability - Windows
PostgreSQL is prone to a memory disclosure vulnerability in the partition routing. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2019-10129
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. Exploit prerequisites...
Default configuration
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. Exploit prerequisites...
CVE-2019-10129
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. Exploit prerequisites...
CVE-2019-10129
Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. Exploit prerequisites are the same as for CVE-2018-1052...
CVE-2019-10129
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. Exploit prerequisites...