13277 matches found
SUSE-SU-2025:02980-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: Upgraded to 16.10: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120 CVE-2025-8714: Fixed untrusted data inclusion in pgdump allows superuser of origin server to execute...
Linux Distros Unpatched Vulnerability : CVE-2016-8640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A SQL injection vulnerability in pycsw all versions before 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table in the pycsw databa...
ROS-20250822-24
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250822-21
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250822-22
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
ROS-20250822-23
A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...
Photon OS 5.0: Postgresql13 PHSA-2025-5.0-0597
An update of the postgresql13 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0597. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
USN-7648-2: PHP vulnerabilities
USN-7648-1 fixed several vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker...
USN-7648-2 php7.0, php7.2, php7.4 vulnerabilities
USN-7648-1 fixed several vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null characters. A remote attacker...
CVE-2025-8715 affecting package postgresql for versions less than 14.19-1
CVE-2025-8715 affecting package postgresql for versions less than 14.19-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-8714 affecting package postgresql for versions less than 14.19-1
CVE-2025-8714 affecting package postgresql for versions less than 14.19-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-8713 affecting package postgresql for versions less than 14.19-1
CVE-2025-8713 affecting package postgresql for versions less than 14.19-1. An upgraded version of the package is available that resolves this issue...
PostgreSQL 13.x < 13.22 / 14.x < 14.19 / 15.x < 15.14 / 16.x < 16.10 / 17.x < 17.6 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 13 prior to 13.22, 14 prior to 14.19, 15 prior to 15.14, 16 prior to 16.10, or 17 prior to 17.6. As such, it is potentially affected by multiple vulnerabilities : - Improper neutralization of newlines in pgdump in PostgreSQL allows a user ...
Linux Distros Unpatched Vulnerability : CVE-2023-5870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum worker...
CVE-2025-55282
aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of searchpath restriction, an attacke...
Linux Distros Unpatched Vulnerability : CVE-2021-32029
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of...
Linux Distros Unpatched Vulnerability : CVE-2022-31625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the...
Linux Distros Unpatched Vulnerability : CVE-2019-10208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitra...
Linux Distros Unpatched Vulnerability : CVE-2023-2455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific...
Linux Distros Unpatched Vulnerability : CVE-2021-32028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read...