Lucene search
K

12 matches found

OSV
OSV
added 2026/04/03 1:27 p.m.5 views

JLSEC-2026-47

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

5.4CVSS6.6AI score0.00786EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/29 10:29 a.m.11 views

Security Bulletin: for Multiple CVEs : CVE-2024-10976 , CVE-2025-4207, CVE-2023-5870 and CVE-2025-1094

Summary Security Bulletin for Multiple CVEs. Refer below Vulnerability details for more detials. Vulnerability Details CVEID:CVE-2024-10976 DESCRIPTION: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended...

8.1CVSS7.2AI score0.89472EPSS
Exploits10Affected Software2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33374

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00786EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-10976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and...

7.5CVSS6.3AI score0.01807EPSS
Exploits0References2
Amazon
Amazon
added 2024/12/19 12:0 a.m.4 views

Important: libpq

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

8.8CVSS7.2AI score0.04422EPSS
Exploits1
Amazon
Amazon
added 2024/12/19 12:0 a.m.10 views

Important: postgresql

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

8.8CVSS7.2AI score0.04422EPSS
Exploits1
Amazon
Amazon
added 2024/12/12 12:0 a.m.11 views

Important: postgresql16

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

8.8CVSS7.1AI score0.04422EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2024/11/15 4:6 a.m.3 views

SUSE CVE-2024-10976

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

4.2CVSS9.2AI score0.00786EPSS
Exploits0References21
NVD
NVD
added 2024/11/14 1:15 p.m.30 views

CVE-2024-10976

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

5.4CVSS0.00786EPSS
Exploits0References3
OSV
OSV
added 2024/11/14 1:15 p.m.5 views

AZL-53201 CVE-2024-10976 affecting package postgresql for versions less than 14.14-1

Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invok...

5.4CVSS6.6AI score0.00786EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/07/31 9:24 a.m.10 views

postgresql: row security policies disregard user ID changes after inlining.

A flaw was found in PostgreSQL, which could permit incorrect policies being applied in certain cases where role-specific policies are used and a given query is planned under one role and executed under other roles. This scenario can happen under security definer functions, or when a common user a...

5.4CVSS7.3AI score0.00694EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/06/21 2:48 p.m.71 views

postgresql: row security policies disregard user ID changes after inlining.

A flaw was found in PostgreSQL, which could permit incorrect policies being applied in certain cases where role-specific policies are used and a given query is planned under one role and executed under other roles. This scenario can happen under security definer functions, or when a common user a...

5.4CVSS7.3AI score0.00694EPSS
Exploits0References5
Rows per page
Query Builder