Oracle Linux 9 : postgresql:15 (ELSA-2024-10787)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10787 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.10-1 - Update to 15.10 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 Tenable has extracted...

GHSA-VRJR-P3XP-XX2X phpMyFAQ Generates an Error Message Containing Sensitive Information if database server is not available

Summary Exposure of database ie postgreSQL server's credential when connection to DB fails. Details Exposed database credentials upon misconfig/DoS @ permalink: https://github.com/thorsten/phpMyFAQ/blob/main/phpmyfaq/src/phpMyFAQ/Setup/Installer.phpL694 PoC When postgreSQL server is unreachable, ...

phpMyFAQ Generates an Error Message Containing Sensitive Information if database server is not available

Summary Exposure of database ie postgreSQL server's credential when connection to DB fails. Details Exposed database credentials upon misconfig/DoS @ permalink: https://github.com/thorsten/phpMyFAQ/blob/main/phpmyfaq/src/phpMyFAQ/Setup/Installer.phpL694 PoC When postgreSQL server is unreachable, ...

RHSA-2024:10851 Red Hat Security Advisory: postgresql:15 security update

Bulletin has no description...

RHSA-2024:10830 Red Hat Security Advisory: postgresql:15 security update

Bulletin has no description...

RHSA-2024:10831 Red Hat Security Advisory: postgresql:16 security update

Bulletin has no description...

SQL Injection to RCE on FinanceChatLlamaPack

Summary The Finance Chat Llama Pack implements a hierarchical agent based on LLM for financial chat and information extraction. It includes an agent called 'database agent' for interacting with a PostgreSQL database. However, due to the lack of protections in the runsqlquery function on the...

postgresql:15 security update

pgaudit pgrepack postgres-decoderbufs postgresql 15.10-1 - Update to 15.10 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979...

postgresql:12 security update

pgaudit pgrepack postgres-decoderbufs postgresql 12.22-1 - Update to 12.22 - Fixes: CVE-2024-10976 CVE-2024-10978...

postgresql:15 security update

pgaudit pgrepack postgres-decoderbufs postgresql 15.10-1 - Update to 15.10 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979...

Oracle Linux 8 : postgresql:13 (ELSA-2024-10832)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10832 advisory. pgaudit 1.5.0-1 - Update to version 1.5.0 Related: 1855776 1.4.0-4 - Bump release for rebuild against libpq-12.1-3 1.4.0-3 - BuildRequires libpq-devel...

RHEL 8 : postgresql:13 (RHSA-2024:10846)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10846 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL PL/Perl environment variable...

Oracle Linux 8 : postgresql:12 (ELSA-2024-10785)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10785 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 12.22-1 - Update to 12.22 - Fixes: CVE-2024-10976 CVE-2024-10978 Tenable has extracted the preceding...

RHEL 8 : postgresql:15 (RHSA-2024:10851)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10851 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL PL/Perl environment variable...

Oracle Linux 8 : postgresql:15 (ELSA-2024-10830)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10830 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.10-1 - Update to 15.10 - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 Tenable has extracted...

Oracle Linux 8 : postgresql:16 (ELSA-2024-10831)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10831 advisory. - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 - Fix CVE-2024-7348 - Fixes: CVE-2023-2454 CVE-2023-2455 Tenable has extracted the preceding...

Important Photon OS Security Update - PHSA-2024-4.0-0720

Updates of 'postgresql13', 'postgresql15', 'postgresql14' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2024-5.0-0419

Updates of 'postgresql13', 'postgresql15', 'postgresql14' packages of Photon OS have been released...

K000148871: PostgreSQL vulnerability CVE-2024-4317

Security Advisory Description Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the...

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...