13286 matches found
CVE-2025-4207 affecting package postgresql for versions less than 16.9-1
CVE-2025-4207 affecting package postgresql for versions less than 16.9-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-4207 affecting package postgresql for versions less than 14.18-1
CVE-2025-4207 affecting package postgresql for versions less than 14.18-1. An upgraded version of the package is available that resolves this issue...
The vulnerability of the DataEase database management system, related to improper elimination of surrogate characters, allows attackers to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the DataEase database management system is related to the improper elimination of surrogate characters when connecting to PostgreSQL and Redshift databases. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of the...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in postgresql 13.16-1.el9_4
Summary: IBM watsonx Orchestrate Cartridge contains a vulnerable version of postgresql 13.16-1.el9_4. Vulnerability Details: CVEID: CVE-2023-39418. DESCRIPTION: A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in postgresql-42.5.1.jar
Summary: IBM watsonx Orchestrate Cartridge contains a vulnerable version of postgresql-42.5.1.jar. Vulnerability Details: CVEID: CVE-2024-1597. DESCRIPTION: pgjdbc, the PostgreSQL JDBC Driver, allows an attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default...
Upgrading the PostgreSQL Database Engine Software Used by Veeam Backup for Microsoft 365
Support Scope: This article is provided as a courtesy to give customers a high-level explanation of how to upgrade the underlying PostgreSQL database engine used to host the Veeam Backup for Microsoft 365 configuration database. Per the Veeam Customer Support Policy, section 10: Support for Veeam...
Multiple vulnerabilities detected in PostgreSQL
Multiple PostgreSQL vulnerability updates: CVE-2025-1094: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation; CVE-2024-10979: PostgreSQL PL/Perl environment variable changes execute arbitrary code; CVE-2024-10978: PostgreSQL SET ROLE, SET SESSION AUTHORIZATI...
postgresql-jdbc-42.7.7-1.1 on GA media (moderate)
postgresql-jdbc-42.7.7-1.1 on GA media. Announcement ID: openSUSE-SU-2025:15264-1. Rating: moderate. Cross-References: CVE-2025-49146. CVSS scores: CVE-2025-49146 SUSE: 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N; CVE-2025-49146 SUSE: 8.3...
CVE-2025-1708
The application is vulnerable to SQL injection attacks. An attacker is able to dump the PostgreSQL database and read its content...
CVE-2025-1709
Several credentials for the local PostgreSQL database are stored in plain text, partially base64 encoded...
CVE-2025-1709
CVE-2025-1709 concerns Endress+Hauser MEAC300-FNADE4: information disclosure caused by local PostgreSQL credentials stored in plaintext (partially base64 encoded). Several connected sources reiterate that credentials are exposed, impacting confidentiality. Root cause: credentials stored in plaint...
CVE-2025-1708
CVE-2025-1708 affects the Endress+Hauser MEAC300-FNADE4 (Endress+Hauser) through an SQL injection vulnerability. The included documents consistently describe that an attacker can exploit improper validation to dump/read data from the PostgreSQL back-end database (and potentially view/add/modify/d...
CVE-2025-53005
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in DataEase's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has...
PT-2025-27770
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The application is vulnerable to SQL injection attacks, allowing an attacker to dump the PostgreSQL database and read its content. Recommendations: At the moment, there is no information abo...