13238 matches found
MGASA-2025-0302 Updated postgresql15 & postgresql13 packages fix security vulnerabilities
PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege. CVE-2025-12817 PostgreSQL libpq undersizes allocations, via integer wraparound. CVE-2025-12818...
Mageia: Security Advisory (MGASA-2025-0302)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate Photon OS Security Update - PHSA-2025-5.0-0683
Updates of 'postgresql15', 'postgresql14', 'postgresql13' packages of Photon OS have been released...
GO-2025-4119 AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance in github.com/aws/aws-advanced-go-wrapper/awssql
AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance in github.com/aws/aws-advanced-go-wrapper/awssql...
CVE-2025-12818
A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application...
PostgreSQL Multiple Vulnerabilities (Nov 2025) - Windows
PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...
PostgreSQL Multiple Vulnerabilities (Nov 2025) - Linux
PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...
FreeBSD : PostgreSQL -- Multiple vulnerabilities (364e5fa4-c178-11f0-b614-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 364e5fa4-c178-11f0-b614-b42e991fc52e advisory. https://www.postgresql.org/support/security/CVE-2025-12818/ reports: Tenable has extracted the...
PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege
...
PostgreSQL libpq undersizes allocations, via integer wraparound
...
SUSE CVE-2025-12817
Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before...
SUSE CVE-2025-12818
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions...
EUVD-2025-180214
AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance...
AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
GHSA-8WJ8-CFXR-9374 AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
EUVD-2025-180216
AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance...
GHSA-7WQ2-32H4-9HC9 AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
EUVD-2025-180218
Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance...
Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
GHSA-7XW4-G7MM-R4HH Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...