13299 matches found
new module: postgresql:16
An update is available for postgres-decoderbufs, pgaudit, module.pgaudit, module.postgres-decoderbufs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detail...
RLSA-2025:1740 Important: postgresql:16 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
RLSA-2024:6018 Important: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
RLSA-2025:1739 Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security issues, including the impact, a CVSS score,...
RLSA-2024:6001 Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 For more detail...
postgresql:16 security update
An update is available for postgresql, postgres-decoderbufs, module.pgrepack, module.pgaudit, module.postgresql, pgaudit, pgrepack, module.postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
postgresql:15 security update
An update is available for postgresql, postgres-decoderbufs, module.pgrepack, module.pgaudit, module.postgresql, pgaudit, pgrepack, module.postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
postgresql:13 security update
An update is available for postgresql, postgres-decoderbufs, module.pgrepack, module.pgaudit, module.postgresql, pgaudit, pgrepack, module.postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
postgresql:15 security update
An update is available for postgresql, postgres-decoderbufs, module.pgrepack, module.pgaudit, module.postgresql, pgaudit, pgrepack, module.postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RockyLinux 9 : postgresql:15 (RLSA-2024:6020)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6020 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack...
RockyLinux 8 : postgresql:15 (RLSA-2025:1739)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:1739 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...
RockyLinux 8 : postgresql:13 (RLSA-2024:6018)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:6018 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 Tenable has extracted the preceding description block directly from...
RockyLinux 8 : postgresql:16 (RLSA-2025:1740)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:1740 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...
Rollbaccine : Herd Immunity against Storage Rollback Attacks in TEEs [Technical Report]
Today, users can "lift-and-shift" unmodified applications into modern, VM-based Trusted Execution Environments TEEs in order to gain hardware-based security guarantees. However, TEEs do not protect applications against disk rollback attacks, where persistent storage can be reverted to an earlier...
CVE-2025-46337
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and...
DEBIAN-CVE-2025-46337
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and...
UBUNTU-CVE-2025-46337
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection due to improper escaping of a query parameter in the postgres64, postgres7, postgres8, and postgres9 drivers. An attacker can execute arbitrary SQL statements by injecting malicious SQL code into the pginsertid method...
Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to an information disclosure in PostgreSQL [CVE-2024-4317]
Summary IBM Watson Speech Services Cartridge is vulnerable to an information disclosure in PostgreSQL, caused by a missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs CVE-2024-4317. PostgreSQL is used by our Speech Service utilities. This vulnerabilitiy has been...
CVE-2025-46337 SQL injection in ADOdb PostgreSQL driver pg_insert_id() method
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and...