13193 matches found
OPENSUSE-SU-2026:20447-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: - Update to versio 16.13. bsc1258754 - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector bsc1258008 - CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data type...
SUSE-SU-2026:20983-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: - Update to versio 16.13. bsc1258754 - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector bsc1258008 - CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data type...
CVE-2026-29953
SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the columnAsInsert function in file plugins/postgres/lib/column.go...
CVE-2026-29953
CVE-2026-29953 corresponds to a SQL Injection vulnerability in SchemaHero 0.23.0. The issue is triggered via the column parameter to the columnAsInsert function in plugins/postgres/lib/column.go. The vulnerability is evidenced across multiple feeds (Red Hat, CIRCL, NVD, CVE records) with consiste...
openSUSE 16 Security Update : salt (openSUSE-SU-2026:20412-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20412-1 advisory. Changes in salt: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed Do...
randstad-linux-azure-architect-poc
Randstad Azure Linux Architect — POC GitHub: https://gith...
SUSE CVE-2026-32286
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
Linux Distros Unpatched Vulnerability : CVE-2026-32286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative...
BIT-PARSE-2026-33539 Parse Server: SQL injection via aggregate and distinct field names in PostgreSQL adapter
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.59 and 9.6.0, an attacker with master key access can execute arbitrary SQL statements on the PostgreSQL database by injecting SQL metacharacters into field name parameters...
CVE-2026-33713
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could exploit a SQL injection vulnerability in the Data Table Get node. On default SQLite DB, single statements can be manipulate...
CVE-2026-32286
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
DEBIAN-CVE-2026-32286
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
CVE-2026-32286
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
UBUNTU-CVE-2026-32286
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
CVE-2026-32286 Denial of service in github.com/jackc/pgproto3/v2
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
EUVD-2026-16347
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
CVE-2026-32286
CVE-2026-32286 relates to the Go PostgreSQL wire protocol parser (DataRow.Decode) failing to validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic in the affected code path. The issue...
CVE-2026-32286 Denial of service in github.com/jackc/pgproto3/v2
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
CVE-2026-32286
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
CVE-2026-32286
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...