RLSA-2026:1628 Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images CVE-2025-14177 php: PHP: Denial of Service...

php security update

An update is available for php. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language commonly used with the Apache HTTP...

[SECURITY] Fedora 43 Update: pgadmin4-9.11-3.fc43

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

pgAdmin 安全漏洞

pgAdmin is an open-source management and development platform for the open-source database PostgreSQL. Version 9.11 of pgAdmin has a security vulnerability, which stems from a possible bypass of recovery restrictions, potentially leading to command execution...

PT-2026-6651

Name of the Vulnerable Software and Affected Versions Payload versions prior to 3.74.0 Description Payload is a headless content management system. A cross-collection Insecure Direct Object Reference IDOR exists in the payload-preferences internal collection. In multi-auth collection environments...

RockyLinux 10 : php (RLSA-2026:1628)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1628 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images...

Atlassian Confluence 9.2.8 < 9.2.11 (CONFSERVER-101842)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101842 advisory. - pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding...

SUSE: Security Advisory (SUSE-SU-2026:20193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:20194-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 16 Security Update : postgresql16 (openSUSE-SU-2026:20130-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20130-1 advisory. Security fixes: - CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statisti...

SUSE SLES16 Security Update : postgresql16 (SUSE-SU-2026:20193-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20193-1 advisory. Security fixes: - CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to...

SUSE SLES16 Security Update : postgresql17 and postgresql18 (SUSE-SU-2026:20194-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20194-1 advisory. Changes in postgresql17, postgresql18: Update to 17.7: https://www.postgresql.org/about/news/p-3171/...

openSUSE 16 Security Update : postgresql17 and postgresql18 (openSUSE-SU-2026:20131-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20131-1 advisory. Changes in postgresql17, postgresql18: Update to 17.7: https://www.postgresql.org/about/news/p-3171/ https://www.postgresql.org/docs/release/17....

postgresql:15 security update

An update is available for pgrepack, module.pgaudit, postgres-decoderbufs, module.pgrepack, module.postgres-decoderbufs, pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RLSA-2023:7884 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-5868 postgresql: extension script @substitutions@...

SUSE CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the topostgis function being used to write GeoDataFrames to a PostgreSQL database...

Security update for postgresql17 and postgresql18 (important)

openSUSE security update: security update for postgresql17 and postgresql18 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20131-1 Rating: important References: bsc1253332 bsc1253333 Cross-References: CVE-2025-12817 CVE-2025-12818 CVSS scores:...

RockyLinux 8 : postgresql:15 (RLSA-2023:7884)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7884 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement

A flaw was found in PHP. When the PDO PHP Data Objects PostgreSQL driver is configured with PDO::ATTREMULATEPREPARES enabled, a remote attacker can exploit a vulnerability by providing an invalid character sequence within a prepared statement parameter. This can cause a null pointer dereference,...

MiracleLinux 8 : php:8.2 (AXSA:2026-124:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-124:01 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML...