44 matches found
CVE-2022-45786 Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection
There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition t...
CVE-2022-45786
CVE-2022-45786 documents a SQL injection in Apache AGE when using the Golang and Python drivers with PostgreSQL 11/12 (up to AGE 1.1.0). Root cause: the cypher() placeholder could not be parameterized, and driver parameterization was insufficient, enabling injections. Mitigation: upgrade the Gola...
Debian DLA-3189-1 : postgresql-11 - LTS security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3189 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The...
Debian: Security Advisory (DLA-3072-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3072-1] postgresql-11 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3072-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 11, 2022 https://wiki.debian.org/LTS -...
Debian dla-3072 : libecpg-compat3 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3072 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3072-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DSA 5135-1] postgresql-11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5135-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 12, 2022 https://www.debian.org/security/faq -...
DSA-5135-1 postgresql-11 - security update
Bulletin has no description...
Debian: Security Advisory (DSA-5006-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5006-1 : postgresql-11 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5006 advisory. Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. For the oldstable distribution...
SUSE-SU-2021:3120-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries bsc1189748. - Fixed build with llvm12 on s390x bsc1185952. - Re-enabled icu for PostgreSQL 10 bsc1179945. - Made the dependency of postgresqlXX-server-devel on llvm and clang...
Debian DSA-4915-1 : postgresql-11 - security update
Multiple security issues have been discovered in the PostgreSQL database system, which could result in the execution of arbitrary code or disclosure of memory content. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Debian: Security Advisory (DSA-4915-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4915-1] postgresql-11 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4915-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 13, 2021 https://www.debian.org/security/faq -...
DSA-4915-1 postgresql-11 - security update
Bulletin has no description...
postgresql: Stack-based buffer overflow via setting a password
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the...
Debian: Security Advisory (DSA-4623-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4493-1 : postgresql-11 - security update
Two security issues have been discovered in the PostgreSQL database system, which could result in privilege escalation, denial of service or memory disclosure. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1960/ C Tenable Network...
Debian: Security Advisory (DSA-4493-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-10209
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan...