13195 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-005383)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005383 advisory. Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-005376)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005376 advisory. Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocati...
CVE-2026-26932
Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requir...
K000160172: PostgreSQL vulnerability CVE-2025-8714
Security Advisory Description Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also...
Apache Superset Input Validation Vulnerability
Apache Superset is a modern big data exploration and visualization platform from the Apache Foundation that allows users to easily and quickly build dashboards using a simple no-code visualization builder and a state-of-the-art SQL editor. Apache Superset has an input validation vulnerability in...
EUVD-2026-8864
Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requir...
CVE-2026-26932
Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requir...
CVE-2026-26932
CVE-2026-26932 affects Elastic Packetbeat (PostgreSQL protocol parser) and can cause a Denial of Service via a Go runtime panic when the pgsql protocol is enabled and monitoring traffic on the targeted port. Affected versions include Packetbeat 8.x (up to 8.19.10) and 9.x (up to 9.2.4). The under...
CVE-2026-26932
Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requir...
CVE-2026-26932 Improper Validation of Array Index in Packetbeat Leading to Denial of Service
Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requir...
Packetbeat 8.19.11, 9.2.5 Security Update (ESA-2026-10)
Improper Validation of Array Index in Packetbeat Leading to Denial of Service Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go...
SQL Injection
Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to SQL Injection via the MySQL, PostgreSQL, and Microsoft SQL nodes due to improper escaping of identifier values. An attacker can execute arbitrary SQL commands by supplying specially crafted table or...
n8n: SQL Injection in MySQL, PostgreSQL, and Microsoft SQL nodes
Impact An authenticated user with permission to create or modify workflows and access to a database credential could unknowingly create a workflow that was vulnerable to SQL injection, even while expecting inputs to be handled safely through escaped parameters. By supplying specially crafted tabl...
CVE-2026-2006 vulnerabilities
Vulnerabilities for packages: postgresql...
CVE-2026-2005 vulnerabilities
Vulnerabilities for packages: postgresql...
CVE-2026-2003 vulnerabilities
Vulnerabilities for packages: postgresql...
CVE-2026-2004 vulnerabilities
Vulnerabilities for packages: postgresql...
CVE-2026-2006 vulnerabilities
Vulnerabilities for packages: postgresql...
CVE-2026-2005 vulnerabilities
Vulnerabilities for packages: postgresql...
CVE-2026-2004 vulnerabilities
Vulnerabilities for packages: postgresql...