13427 matches found

SUSE CVE
added 2023/02/15 3:25 a.m., 3 views

SUSE CVE-2022-31197

PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contain...

CVSS 8.1 | AI score 7.9 | EPSS 0.01662
Exploits: 1 | References: 8

SUSE CVE
added 2023/02/15 3:25 a.m., 2 views

SUSE CVE-2022-31625

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or...

CVSS 7.8 | AI score 8.8 | EPSS 0.03437
Exploits: 1 | References: 13

SUSE CVE
added 2023/02/15 3:23 a.m., 4 views

SUSE CVE-2022-41862

In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes...

CVSS 7.5 | AI score 7 | EPSS 0.00616
Exploits: 0 | References: 16

SUSE CVE
added 2023/02/15 3:22 a.m., 3 views

SUSE CVE-2022-44566

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...

CVSS 5.9 | AI score 5.6 | EPSS 0.01265
Exploits: 1 | References: 7

Fedora
added 2023/02/15 1:20 a.m., 32 views

[SECURITY] Fedora 36 Update: syslog-ng-3.35.1-4.fc36

syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases (SQL and NoSQL alike) and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages; work with any kind of unstructured data; receive and...

CVSS 7.5 | AI score 1.4 | EPSS 0.02403
Exploits: 0

Tenable Nessus
added 2023/02/15 12:0 a.m., 23 views

SUSE SLES12: postgresql14 / postgresql14-contrib / postgresql14-devel / etc (SUSE-SU-2023:0392-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0392-1 advisory. Update to 14.7: - CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102). Tenable has extracted the preceding description block directly from...

CVSS 3.7 | AI score 6.7 | EPSS 0.00616
Exploits: 0 | References: 4

Tenable Nessus
added 2023/02/15 12:0 a.m., 40 views

SUSE SLES12: libecpg6 / libecpg6-32bit / libpq5 / libpq5-32bit / postgresql15 / etc (SUSE-SU-2023:0393-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0393-1 advisory. Update to 15.2: - CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102). Tenable has extracted the preceding description block directly from...

CVSS 3.7 | AI score 6.7 | EPSS 0.00616
Exploits: 0 | References: 4

OSV
added 2023/02/14 3:52 p.m., 6 views

OPENSUSE-SU-2023:0046-1 Security update for timescaledb

This update for timescaledb fixes the following issues: Update to version 2.9.3 - https://github.com/timescale/timescaledb/releases/tag/2.9.3 - https://github.com/timescale/timescaledb/releases/tag/2.9.2 - https://github.com/timescale/timescaledb/releases/tag/2.9.1 -...

CVSS 8 | AI score 8.1 | EPSS 0.00871
Exploits: 0 | References: 3

RedHat Linux
added 2023/02/14 1:11 p.m., 64 views

Moderate: Red Hat Security Advisory: Red Hat Virtualization security and bug fix update

An update for ovirt-ansible-collection, ovirt-engine, and postgresql-jdbc is now available for Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8, Red Hat Virtualization 4 for Red Hat Enterprise Linux 8, and Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this...

CVSS 5.5 | AI score 6.5 | EPSS 0.0048
Exploits: 1 | References: 5

RedHat Linux
added 2023/02/14 1:11 p.m., 5 views

postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatement.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected...

CVSS 5.5 | AI score 6.8 | EPSS 0.0048
Exploits: 1 | References: 4

RedHat Linux
added 2023/02/14 12:11 p.m., 5 views

postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatement.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected...

CVSS 5.5 | AI score 6.8 | EPSS 0.0048
Exploits: 1 | References: 4

CNNVD
added 2023/02/14 12:0 a.m., 2 views

PostgreSQL Security Vulnerability

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL, which is caused by a...

CVSS 3.7 | AI score 6.6 | EPSS 0.00616
Exploits: 0 | References: 14

OpenVAS
added 2023/02/14 12:0 a.m., 21 views

SUSE: Security Advisory (SUSE-SU-2023:0392-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 3.7 | AI score 6.5 | EPSS 0.00616
Exploits: 0 | References: 4

IBM Security Bulletins
added 2023/02/13 1:10 p.m., 90 views

Security Bulletin: IBM QRadar SIEM includes multiple components with known vulnerabilities

Summary: The product includes multiple vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site...

CVSS 9.8 | AI score 9.3 | EPSS 0.06451
Exploits: 6 | Affected Software: 1

OSV
added 2023/02/13 9:9 a.m., 7 views

SUSE-SU-2023:0393-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Update to 15.2: - CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102)...

CVSS 3.7 | AI score 4.4 | EPSS 0.00616
Exploits: 0 | References: 3

OSV
added 2023/02/13 9:9 a.m., 3 views

SUSE-SU-2023:0392-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to 14.7: - CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102)...

CVSS 3.7 | AI score 4.4 | EPSS 0.00616
Exploits: 0 | References: 3

OSV
added 2023/02/13 9:8 a.m., 8 views

SUSE-SU-2023:0390-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: Update to 12.14: - CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102)...

CVSS 3.7 | AI score 4.4 | EPSS 0.00616
Exploits: 0 | References: 3

Veracode
added 2023/02/11 11:4 p.m., 24 views

Information Disclosure

postgresql is vulnerable to Information Disclosure. The vulnerability exists because a modified, unauthenticated server can send an unterminated string during the establishment of kerberos transport encryption where a libpq's caller makes that message accessible to the attacker...

CVSS 3.7 | AI score 5.2 | EPSS 0.00616
Exploits: 0 | References: 12 | Affected Software: 8

OpenVAS
added 2023/02/11 12:0 a.m., 16 views

Debian: Security Advisory (DLA-3316-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 3.7 | AI score 4.8 | EPSS 0.00616
Exploits: 0 | References: 4

Debian
added 2023/02/10 1:33 p.m., 22 views

[SECURITY] [DLA 3316-1] postgresql-11 security update

Debian LTS Advisory DLA-3316-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez February 10, 2023 https://wiki.debian.org/LTS Package : postgresql-11 Version : 11.19-0+deb10u1 CVE ID : CVE-2022-41862 Jacob Champion discovered that libpq can leak memory contents...

CVSS 3.7 | AI score 6.5 | EPSS 0.00616
Exploits: 0