43 matches found
CentOS 8 : postgresql:9.6 (CESA-2020:5619)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5619 advisory. - postgresql: Selectivity estimators bypass row security policies CVE-2019-10130 - postgresql: TYPE in pgtemp executes arbitrary SQL during SECURITY...
RHEL 8 : postgresql:9.6 (RHSA-2021:0167)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0167 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream...
RHEL 8 : postgresql:9.6 (RHSA-2021:0164)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0164 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream...
RHEL 8 : postgresql:9.6 (RHSA-2020:5661)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5661 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream...
SUSE SLES12 Security Update : postgresql, postgresql96, postgresql10 / postgresql12 (SUSE-SU-2020:3343-1)
This update changes the internal packaging for postgresql, and so contains all currently maintained postgresql versions across our SUSE Linux Enterprise 12 products. postgresql12 is shipped new in version 12.3 bsc1171924. The server and client packages only on SUSE Linux Enterprise Server 12 SP5,...
Debian DLA-2478-1 : postgresql-9.6 security update
Several vulnerabilities have been found in the PostgreSQL database system. CVE-2020-25694 Peter Eisentraut found that database reconnections may drop options from the original connection, such as encryption, which could lead to information disclosure or a man-in-the-middle attack. CVE-2020-25695...
Debian: Security Advisory (DLA-2478-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-2331-1 postgresql-9.6 - security update
Bulletin has no description...
Debian: Security Advisory (DSA-4622-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4622-1] postgresql-9.6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4622-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 13, 2020 https://www.debian.org/security/faq -...
Debian DSA-4492-1 : postgresql-9.6 - security update
A issue has been discovered in the PostgreSQL database system, which could result in privilege escalation. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1960/ C Tenable Network Security, Inc. The descriptive text and package checks i...
DSA-4492-1 postgresql-9.6 - security update
Bulletin has no description...
Debian DSA-4439-1 : postgresql-9.6 - security update
Dean Rasheed discovered that row security policies in the PostgreSQL database system could be bypassed. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1939/ C Tenable Network Security, Inc. The descriptive text and package checks in...
DSA-4439-1 postgresql-9.6 - security update
Bulletin has no description...
Debian DSA-4269-1 : postgresql-9.6 - security update
Two vulnerabilities have been found in the PostgreSQL database system : - CVE-2018-10915 Andrew Krasichkov discovered that libpq did not reset all its connection state during reconnects. - CVE-2018-10925 It was discovered that some 'CREATE TABLE' statements could disclose server memory. For...
[SECURITY] [DSA 4269-1] postgresql-9.6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4269-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2018 https://www.debian.org/security/faq -...
CVE-2017-15099
INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE...
Debian DSA-4028-1 : postgresql-9.6 - security update
Several vulnerabilities have been found in the PostgreSQL database system : - CVE-2017-15098 Denial of service and potential memory disclosure in the jsonpopulaterecordset and jsonbpopulaterecordset functions - CVE-2017-15099 Insufficient permissions checks in 'INSERT ... ON CONFLICT DO UPDATE'...
CVE-2017-15098
Invalid jsonpopulaterecordset or jsonbpopulaterecordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...
DSA-4028-1 postgresql-9.6 - security update
Bulletin has no description...