13194 matches found
SUSE: Security Advisory (SUSE-SU-2026:0883-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2026-12138
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, a SQL injection vulnerability in the built-in SQL Agent plugin allows any user who can invoke the agent to execute arbitrary SQL commands on connected...
BIT-PARSE-2026-32234 Parse Server has a SQL injection via query field name when using PostgreSQL
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.36, an attacker with access to the master key can inject malicious SQL via crafted field names used in query constraints when Parse Server is configured with PostgreSQL a...
BIT-PARSE-2026-31871 Parse Server has a SQL Injection via dot-notation sub-key name in `Increment` operation on PostgreSQL
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.31, a SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment operations on nested object fields using dot notation e.g.,...
BIT-PARSE-2026-31856 Parse Server has a SQL injection via `Increment` operation on nested object field in PostgreSQL
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment operations on nested object fields using dot notation e.g., stats.counter. The amount value is...
BIT-PARSE-2026-31840 Parse Server has a SQL injection via dot-notation field name in PostgreSQL
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0 and 8.6.28, an attacker can use a dot-notation field name in combination with the sort query parameter to inject SQL into the PostgreSQL database through an improper escaping of...
RHSA-2026:4548 Red Hat Security Advisory: postgresql:15 security update
Bulletin has no description...
RHSA-2026:4547 Red Hat Security Advisory: postgresql:16 security update
Bulletin has no description...
RHSA-2026:4546 Red Hat Security Advisory: postgresql:15 security update
Bulletin has no description...
RHSA-2026:4544 Red Hat Security Advisory: postgresql:16 security update
Bulletin has no description...
RHSA-2026:4528 Red Hat Security Advisory: postgresql security update
Bulletin has no description...
RHSA-2026:4524 Red Hat Security Advisory: postgresql security update
Bulletin has no description...
RHSA-2026:4518 Red Hat Security Advisory: postgresql security update
Bulletin has no description...
RHSA-2026:4515 Red Hat Security Advisory: postgresql:15 security update
Bulletin has no description...
RHSA-2026:4516 Red Hat Security Advisory: postgresql:13 security update
Bulletin has no description...
RHSA-2026:4509 Red Hat Security Advisory: postgresql:12 security update
Bulletin has no description...
RHSA-2026:4506 Red Hat Security Advisory: postgresql:12 security update
Bulletin has no description...
RHSA-2026:4505 Red Hat Security Advisory: postgresql:12 security update
Bulletin has no description...
RHSA-2026:4504 Red Hat Security Advisory: postgresql:13 security update
Bulletin has no description...
RHSA-2026:4475 Red Hat Security Advisory: postgresql security update
Bulletin has no description...