23 matches found
SUSE CVE-2026-6477
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
BIT-POSTGRESQL-2026-6477 PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
CVE-2026-6477
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
CVE-2026-6477
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
Vulnerability in client (CVE-2026-6477)
PostgreSQL libpq lo functions let server superuser overwrite client stack memory Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an...
OESA-2026-1514 libpq security update
PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...
@adenta/cms (>=0.0.6 <=1.1.1-0), @anjy7/navbar-cms (=0.0.5) +8 more potentially affected by CVE-2026-25544 via @payloadcms/db-postgres (>=3.0.0-alpha.46 <=3.61.0)
@payloadcms/db-postgres NPM version =3.0.0-alpha.46, =0.0.6, =1.0.0, =0.0.5, =0.0.1, =0.0.9-alpha.5, =0.0.5, =1.0.3 - npm-payload-test =2.6.4 - payload-auth-plugin =0.7.5 Source cves: CVE-2026-25544 Source advisory: SNYK:JS-PAYLOADCMSDBPOSTGRES-15240187...
ROS-20260129-73-0043
A vulnerability in the libpq library of the PostgreSQL database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260129-73-0041
A vulnerability in the libpq library of the PostgreSQL database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260129-73-0036
A vulnerability in the libpq library of the PostgreSQL database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Alibaba Cloud Linux 3 : 0012: libpq (ALINUX3-SA-2026:0012)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0012 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-12818: Integer wraparound in multiple...
RHSA-2026:0744 Red Hat Security Advisory: libpq security update
Bulletin has no description...
postgresql:15 security update
An update is available for pgrepack, module.postgresql, module.pgaudit, postgresql, postgres-decoderbufs, module.pgrepack, module.postgres-decoderbufs, pgaudit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHSA-2025:23123 Red Hat Security Advisory: libpq security update
Bulletin has no description...
TencentOS Server 4: postgresql (TSSA-2025:0892)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0892 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
EUVD-2025-169291
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions...
Vulnerability in client (CVE-2025-12818)
PostgreSQL libpq undersizes allocations, via integer wraparound Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in...
ROS-20250311-06
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
OESA-2025-1230 libpq security update
PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...
libpq security update
An update is available for libpq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libpq package provides the PostgreSQL client library, which allows client...