1136 matches found
SQL Injection
Overview: apache-superset is a modern, enterprise-ready business intelligence web application. Affected versions of this package are vulnerable to SQL Injection due to improper handling of certain PostgreSQL functions in the SQL parsing and authorization process. An attacker can execute unauthoriz...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.10-1 - Update to 15.10 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979...
postgresql:16 security update
pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1 postgres-decoderbufs 2.4.0-1.Final - Initial import for postgresql 16 stream - Related: RHEL-3636 postgresql 16.6-1 - Update to 16.6 - Fixes:...
postgresql:16 security update
pgaudit pgrepack 1.5.1-1 - Update to v1.5.1 pgvector 0.6.2-1 - Initial packaging postgres-decoderbufs postgresql 16.6-1 - Update to 16.6 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 16.4-2 - Fix build on 16.4 16.4-1 - Update to 16.4 16.1-3 - Remove /var/run/postgresql - Related: RHEL-512...
io.github.openfeign.querydsl:querydsl-jpa-codegen (>=5.0.1 <=5.6), io.github.zzagtung:querydsl-jpa-postgres-json (=0.1.1) potentially affected by CVE-2024-49203 via io.github.openfeign.querydsl:querydsl-jpa (>=5.0.1 <=5.6)
io.github.openfeign.querydsl:querydsl-jpa MAVEN version =5.0.1, =5.0.1, =5.6 - io.github.zzagtung:querydsl-jpa-postgres-json =0.1.1 Source cves: CVE-2024-49203 Source advisory: OSV:GHSA-6Q3Q-6V5J-H6VG...
15 bug fix and enhancement update
An update is available for pgaudit, module.pgaudit, module.postgres-decoderbufs, postgres-decoderbufs, pgrepack, module.pgrepack. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
Versa Director Security Vulnerability
Versa Director is a virtualization and service creation platform from Versa USA. It simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director versions prior to 22.1.4, which stems from a generic password in the default...
Important: libpq
Issue Overview: Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack...
postgresql:12 security update
An update is available for pgaudit, postgresql, module.pgaudit, pgrepack, module.postgres-decoderbufs, module.pgrepack, postgres-decoderbufs, module.postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
PT-2024-32391 · Dataease +1
Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 1.18.25 Description: DataEase is an open source data visualization analysis tool. The PostgreSQL data source function allows customization of JDBC connection parameters and the PG server target. However, the...
postgresql:12 security update
pgaudit pgrepack postgres-decoderbufs postgresql 12.20-1 - Update to 12.20 - Fix CVE-2024-7348...
postgresql:13 security update
pgaudit pgrepack postgres-decoderbufs postgresql 13.16-1 - Update to 13.16 - Fix CVE-2024-7348...
postgresql:15 security update
pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack postgres-decoderbufs 1.9.7-1.Final - Initial import for postgresql 15 stream - Related: 2128410 postgresql 15.8-1 - Update to 15.8 15.6-3 - Remove /var/run/postgresql -...
Oracle Linux 8 : postgresql:13 (ELSA-2024-6018)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6018 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 13.16-1 - Update to 13.16 - Fix CVE-2024-7348 Tenable has extracted the preceding description block directly fr...
Oracle Linux 8 : postgresql:15 (ELSA-2024-6001)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6001 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.8-1 - Update to 15.8 - Fix CVE-2024-7348 Tenable has extracted the preceding description block...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.8-1 - Update to 15.8 - Fix CVE-2024-7348...
Oracle Linux 8 : postgresql:12 (ELSA-2024-6000)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6000 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 12.20-1 - Update to 12.20 - Fix CVE-2024-7348 Tenable has extracted the preceding description block directly fr...
Oracle Linux 8 : postgresql:16 (ELSA-2024-5927)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5927 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack postgres-decoderbufs...
postgresql:16 security update
pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack postgres-decoderbufs 2.4.0-1.Final - Initial import for postgresql 16 stream - Related: RHEL-3636 postgresql 16.4-1 - Update to 16.4 - Fix CVE-2024-7348...
UBUNTU-CVE-2024-7348
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...