
13198 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 7 : rh-postgresql10-postgresql-10.5-1.el7 (AXSA:2018-3312:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3312:01 advisory. postgresql: Certain host connection parameters defeat client-side security defenses CVE-2018-10915 postgresql: Missing authorization and memory...

9.1 CVSS | 6.6 AI score | 0.05154 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 4 : postgresql-8.4.20-8.AXS4 (AXSA:2017-2312:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2312:02 advisory. It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty password. A...

9.8 CVSS | 7.3 AI score | 0.61566 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.5-1.AXS4 (AXSA:2015-867:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-867:02 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll nee...

6.4 CVSS | 7.6 AI score | 0.05045 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/16 12:0 a.m. | 6 views

MiracleLinux 7 : rh-postgresql94-postgresql-9.4.14-1.el7 (AXSA:2017-2241:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2241:02 advisory. It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty...

9.8 CVSS | 7.3 AI score | 0.61566 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2026/01/16 12:0 a.m. | 5 views

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.14-1.AXS4 (AXSA:2017-2281:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2281:02 advisory. It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty...

9.8 CVSS | 7.3 AI score | 0.61566 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

MiracleLinux 7 : rh-postgresql96-postgresql-9.6.10-1.el7 (AXSA:2018-3310:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3310:01 advisory. postgresql: Certain host connection parameters defeat client-side security defenses CVE-2018-10915 postgresql: Missing authorization and memory...

9.1 CVSS | 6.7 AI score | 0.14142 EPSS
Exploits: 1 | References: 8

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.12-1.AXS4 (AXSA:2017-1728:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1728:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll ne...

7.5 CVSS | 7 AI score | 0.06331 EPSS
Exploits: 0 | References: 4

Cvelist
added 2026/01/15 11:25 p.m. | 27 views

CVE-2021-47782 Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. Attackers can exploit the vulnerability by sending crafted payloads to the /rass/api/v1/trafficCycle/ endpoint to manipulate...

8.2 CVSS | 0.00411 EPSS
Exploits: 0 | References: 3

ATTACKERKB
added 2026/01/15 11:25 p.m. | 3 views

CVE-2021-47782

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. Attackers can exploit the vulnerability by sending crafted payloads to the /rass/api/v1/trafficCycle/ endpoint to manipulate...

8.2 CVSS | 5.9 AI score | 0.00411 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Vulnrichment
added 2026/01/15 11:25 p.m. | 3 views

CVE-2021-47782 Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. Attackers can exploit the vulnerability by sending crafted payloads to the /rass/api/v1/trafficCycle/ endpoint to manipulate...

8.2 CVSS | 7.5 AI score | 0.00411 EPSS
Exploits: 0 | References: 3

CVE
added 2026/01/15 11:25 p.m. | 9 views

CVE-2021-47782

Odine Solutions GateKeeper 1.0 is affected by a SQL injection in the trafficCycle API endpoint (/rass/api/v1/trafficCycle/). The root cause is a database query manipulation in PostgreSQL that could lead to extraction of sensitive information. Mitigation: apply updates to address the SQL injection...

8.2 CVSS | 7.5 AI score | 0.00411 EPSS
Exploits: 0 | References: 3

Veracode
added 2026/01/15 1:34 p.m. | 6 views

SQL Injection

Django is vulnerable to SQL Injection. The vulnerability is due to improper handling of column aliases in FilteredRelation when expanding user-controlled dictionaries passed to QuerySet.annotate or QuerySet.alias, which allows an attacker to inject crafted SQL on PostgreSQL...

4.3 CVSS | 5.8 AI score | 0.0087 EPSS
Exploits: 0 | References: 9 | Affected Software: 1

RedHat Linux
added 2026/01/15 12:8 p.m. | 7 views

postgresql: libpq: libpq undersizes allocations, via integer wraparound

A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application...

5.9 CVSS | 5.8 AI score | 0.00301 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2026/01/15 12:8 p.m. | 5 views

Moderate: Red Hat Security Advisory: libpq security update

An update for libpq is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

5.9 CVSS | 6.3 AI score | 0.00301 EPSS
Exploits: 0 | References: 2

Positive Technologies
added 2026/01/15 12:0 a.m. | 3 views

PT-2026-3155

Name of the Vulnerable Software and Affected Versions Odine Solutions GateKeeper version 1.0 Description The software contains a SQL injection issue in the trafficCycle API endpoint. Remote attackers can inject malicious database queries by sending crafted payloads to the /rass/api/v1/trafficCycl...

8.2 CVSS | 5.5 AI score | 0.00411 EPSS
Exploits: 0 | References: 6

Veeam
added 2026/01/15 12:0 a.m. | 15 views

Failed to create a restore point: PostgreSQL database operation failed multiple times with transient error.

Challenge After upgrading to Veeam Backup for Microsoft 365 8.2 or 8.3, jobs fail with the error: Failed to create a restore point: PostgreSQL database operation failed multiple times with transient error. Cause This issue occurs because various one-time PostgreSQL queries that the software...

7.3 AI score
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Oracle Linux 9 : postgresql:15 (ELSA-2026-0492)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0492 advisory. pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack 1.4.8-2 - Add new build...

5.9 CVSS | 5.9 AI score | 0.00301 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Oracle Linux 9 : postgresql:16 (ELSA-2026-0493)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0493 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pgrepack 1.5.1-1 - Update to v1.5.1...

5.9 CVSS | 5.9 AI score | 0.00301 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Oracle Linux 9 : postgresql (ELSA-2026-0491)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0491 advisory. - Resolves: RHEL-128812 CVE-2025-12818 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

5.9 CVSS | 5.8 AI score | 0.00301 EPSS
Exploits: 0 | References: 3

OSV
added 2026/01/15 12:0 a.m. | 6 views

ALSA-2026:0695 Moderate: libpq security update

The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security issues, including the impact, a CVSS score,...

5.9 CVSS | 5.5 AI score | 0.00301 EPSS
Exploits: 0 | References: 4