13198 matches found
CVE-2022-41862 vulnerabilities
Vulnerabilities for packages: postgresql...
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
DEBIAN-CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
Code injection
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
CVE-2022-41862
CVE-2022-41862 affects PostgreSQL libpq/client memory disclosure when connecting with Kerberos to a modified server. Connected documents confirm impact across multiple package tracks (libpq for AL2/Linux distros and PostgreSQL server/client suites for various versions, including 12.x–15.x), with ...
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
Ubuntu: Security Advisory (USN-5906-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...
USN-5906-1: PostgreSQL vulnerability
Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information...
USN-5906-1 postgresql-12, postgresql-14 vulnerability
Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information...
Ubuntu 20.04 LTS / 22.04 LTS : PostgreSQL vulnerability (USN-5906-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5906-1 advisory. Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into...
Exploit for Improper Access Control in Joomla Joomla\!
CVE-2023-23752 Joomla unauthorized access vulnerability CVE...
OESA-2023-1133 rubygem-activerecord security update
Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. Security Fixes: A denial of service vulnerability present in...
OESA-2023-1132 rubygem-activerecord security update
Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. Security Fixes: A denial of service vulnerability present in...
The vulnerability of the PostgreSQL database management system, related to the loading of code without checking its integrity, allows a perpetrator to execute arbitrary code.
The vulnerability of the PostgreSQL database management system lies in the loading of code without checking its integrity. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code remotely...
SUSE-SU-2023:0569-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to 15.2: - CVE-2022-41862: Fixed memory leak in libpq bsc1208102...
MGASA-2023-0064 Updated postgresql packages fix security vulnerability
Client memory disclosure when connecting, with Kerberos, to modified server. CVE-2022-41862...