13168 matches found
CVE-2026-2004 affecting package postgresql for versions less than 14.21-1
CVE-2026-2004 affecting package postgresql for versions less than 14.21-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-2006 affecting package postgresql for versions less than 14.21-1
CVE-2026-2006 affecting package postgresql for versions less than 14.21-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-2005 affecting package postgresql for versions less than 14.21-1
CVE-2026-2005 affecting package postgresql for versions less than 14.21-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-2003 affecting package postgresql for versions less than 14.21-1
CVE-2026-2003 affecting package postgresql for versions less than 14.21-1. An upgraded version of the package is available that resolves this issue...
BIT-POSTGRESQL-2026-2007 PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory
Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...
BIT-POSTGRESQL-2026-2006 PostgreSQL missing validation of multibyte character length executes arbitrary code
Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12,...
BIT-POSTGRESQL-2026-2005 PostgreSQL pgcrypto heap buffer overflow executes arbitrary code
Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...
BIT-POSTGRESQL-2026-2004 PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...
BIT-POSTGRESQL-2026-2003 PostgreSQL oidvector discloses a few bytes of memory
Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...
SUSE CVE-2026-2003
Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...
SUSE CVE-2026-2004
Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...
SUSE CVE-2026-2005
Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...
SUSE CVE-2026-2006
Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12,...
SUSE CVE-2026-2007
Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...
Linux Distros Unpatched Vulnerability : CVE-2026-2006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun...
Debian: Security Advisory (DSA-6132-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-6133-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2026-2003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks...
Important Photon OS Security Update - PHSA-2026-5.0-0762
Updates of 'postgresql14', 'rubygem-faraday', 'postgresql15' packages of Photon OS have been released...
Debian dsa-6133 : libecpg-compat3 - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6133 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6133-1 [email protected] https://www.debian.org/securit...