1136 matches found
Important: Red Hat Security Advisory: postgresql:9.6 security update
An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
Important: Red Hat Security Advisory: postgresql:9.6 security update
An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
postgresql:12 security update
An update is available for pgaudit, postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced object-relational database...
GaussDB Kernel: Deleting the Default Username
You are advised not to use a well-known username, for example, postgres. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...
openGauss: Configuring the Port
To prevent unauthorized connections to the database and illegal operations on data, you need to change the default port number in time. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
openGauss: Deleting the Default User Name
You are advised not to use a well-known user name, for example, postgres. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fr...
Security update for nextcloud (moderate)
openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2020:1652-1 Rating: moderate References: 1171572 1171579 1177346 Cross-References: CVE-2020-8154 CVE-2020-8155 CVE-2020-8183 CVE-2020-8228 CVE-2020-8233 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1...
CVE-2020-15070
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value...
CVE-2020-15070
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value...
Code injection
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value...
CVE-2020-15070
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value...
CVE-2020-15070
Zulip Server 2.x before 2.1.7 is affected by an eval-injection vulnerability that an attacker with privilege and access to write to the PostgreSQL database can exploit by crafting a custom profile field value. The root cause is the ability to inject and evaluate code via a crafted value stored in...
DEBIAN-CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
openSUSE Security Update : grafana / grafana-piechart-panel / grafana-status-panel (openSUSE-2020-892)
This update for grafana, grafana-piechart-panel, grafana-status-panel fixes the following issues : grafana was updated to version 7.0.3 : - Features / Enhancements - Stats: include all fields. 24829, @ryantxu - Variables: change VariableEditorList row action Icon to IconButton. 25217, @hshoff - B...
CVE-2020-4062
In Conjur OSS Helm Chart before 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port. This allows an attacker to gain full read & write access to the Conjur Postgres database, including escalating the attacker's...
CVE-2020-4062
In Conjur OSS Helm Chart before 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port. This allows an attacker to gain full read & write access to the Conjur Postgres database, including escalating the attacker's...
Design/Logic Flaw
In Conjur OSS Helm Chart before 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port. This allows an attacker to gain full read & write access to the Conjur Postgres database, including escalating the attacker's...
PT-2020-17857 · Cyberark +2 · Conjur Oss +3
Name of the Vulnerable Software and Affected Versions: Conjur OSS Helm Chart versions prior to 2.0.0 Description: A critical issue in the Conjur OSS Helm Chart results in the installation of the Conjur Postgres database with an open port, allowing an attacker to gain full read and write access to...
F5 NGINX Controller Information Disclosure Vulnerability (CNVD-2020-33346)
F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in F5 NGINX Controller versions prior to 3.3.0 that originates when NGINX Controlle...
CVE-2020-5865
In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle MiTM attacks...