Lucene search
K

44 matches found

Cvelist
Cvelist
added 2023/02/04 8:40 p.m.42 views

CVE-2022-45786 Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection

There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition t...

8.6AI score0.00948EPSS
Exploits0References1
CVE
CVE
added 2023/02/04 8:40 p.m.83 views

CVE-2022-45786

CVE-2022-45786 documents a SQL injection in Apache AGE when using the Golang and Python drivers with PostgreSQL 11/12 (up to AGE 1.1.0). Root cause: the cypher() placeholder could not be parameterized, and driver parameterization was insufficient, enabling injections. Mitigation: upgrade the Gola...

8.1CVSS8.3AI score0.00948EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.18 views

Debian DLA-3189-1 : postgresql-11 - LTS security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3189 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The...

5.6AI score
Exploits0References3
OpenVAS
OpenVAS
added 2022/08/13 12:0 a.m.14 views

Debian: Security Advisory (DLA-3072-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8CVSS8.1AI score0.0152EPSS
Exploits0References4
Debian
Debian
added 2022/08/11 4:1 p.m.38 views

[SECURITY] [DLA 3072-1] postgresql-11 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3072-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 11, 2022 https://wiki.debian.org/LTS -...

8CVSS8.3AI score0.0152EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/08/11 12:0 a.m.27 views

Debian dla-3072 : libecpg-compat3 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3072 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3072-1 [email protected] https://www.debian.org/lts/security/...

8CVSS7.3AI score0.0152EPSS
Exploits0References4
Debian
Debian
added 2022/05/12 7:28 p.m.76 views

[SECURITY] [DSA 5135-1] postgresql-11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5135-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 12, 2022 https://www.debian.org/security/faq -...

8.8CVSS9AI score0.12403EPSS
Exploits0
OSV
OSV
added 2022/05/12 12:0 a.m.26 views

DSA-5135-1 postgresql-11 - security update

Bulletin has no description...

8.8CVSS8AI score0.12403EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/11/14 12:0 a.m.19 views

Debian: Security Advisory (DSA-5006-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.01901EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/11/12 12:0 a.m.29 views

Debian DSA-5006-1 : postgresql-11 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5006 advisory. Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. For the oldstable distribution...

8.1CVSS7AI score0.01901EPSS
Exploits0References7
OSV
OSV
added 2021/09/16 5:43 p.m.7 views

SUSE-SU-2021:3120-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries bsc1189748. - Fixed build with llvm12 on s390x bsc1185952. - Re-enabled icu for PostgreSQL 10 bsc1179945. - Made the dependency of postgresqlXX-server-devel on llvm and clang...

6.5CVSS7.1AI score0.0142EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/05/14 12:0 a.m.75 views

Debian DSA-4915-1 : postgresql-11 - security update

Multiple security issues have been discovered in the PostgreSQL database system, which could result in the execution of arbitrary code or disclosure of memory content. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

8.8CVSS7.3AI score0.0199EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/05/14 12:0 a.m.28 views

Debian: Security Advisory (DSA-4915-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.9AI score0.0199EPSS
Exploits0References4
Debian
Debian
added 2021/05/13 5:39 p.m.92 views

[SECURITY] [DSA 4915-1] postgresql-11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4915-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 13, 2021 https://www.debian.org/security/faq -...

8.8CVSS9AI score0.0199EPSS
Exploits0
OSV
OSV
added 2021/05/13 12:0 a.m.53 views

DSA-4915-1 postgresql-11 - security update

Bulletin has no description...

8.8CVSS7.8AI score0.0199EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/12/22 9:27 a.m.6 views

postgresql: Stack-based buffer overflow via setting a password

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the...

9CVSS8.1AI score0.03711EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/02/15 12:0 a.m.22 views

Debian: Security Advisory (DSA-4623-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.2AI score0.01183EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.33 views

Debian DSA-4493-1 : postgresql-11 - security update

Two security issues have been discovered in the PostgreSQL database system, which could result in privilege escalation, denial of service or memory disclosure. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1960/ C Tenable Network...

8.8CVSS6.4AI score0.0217EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2019/08/10 12:0 a.m.33 views

Debian: Security Advisory (DSA-4493-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7AI score0.0217EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2019/08/08 12:0 a.m.31 views

CVE-2019-10209

Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan...

3.5CVSS6.8AI score0.01079EPSS
Exploits0References3
Rows per page
Query Builder