11 matches found
EUVD-2017-2448
Malware in sbrugna...
python3.12-psycopg2 bug fix and enhancement update
An update is available for python3.12-psycopg2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rock...
Odoo Authentication Bypass Vulnerability
Odoo (formerly OpenERP) and others are products of the Belgian company Odoo: an Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM) system; Odoo Community Edition, its community edition; and Odoo Enterprise Edition, its enterprise edition. Psycopg is one o...
Authentication flaw
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers can bypass authentication under certain circumstances because parameters containing 0x00 characters are truncated before reaching the database layer. This occurs because Psycopg 2.x before...
CVE-2017-10804
CVE-2017-10804 affects Odoo 8.0, Odoo Community Edition 9.0/10.0, and Odoo Enterprise Edition 9.0/10.0. The root cause is that parameters containing 0x00 characters are truncated before reaching the database layer due to using Psycopg 2.x before 2.6.3. This enables remote attackers to bypass auth...
CVE-2017-10804
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers can bypass authentication under certain circumstances because parameters containing 0x00 characters are truncated before reaching the database layer. This occurs because Psycopg 2.x before...
CVE-2017-10804
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers can bypass authentication under certain circumstances because parameters containing 0x00 characters are truncated before reaching the database layer. This occurs because Psycopg 2.x before...
Debian Security Advisory DSA 1087-1 (postgresql)
The remote host is missing an update to postgresql announced via advisory DSA 1087-1. Several encoding problems have been discovered in PostgreSQL, a popular SQL database. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-2313 Akio Ishida and Yasuo Ohgak...
Debian DSA-1087-1 : postgresql - programming error
Several encoding problems have been discovered in PostgreSQL, a popular SQL database. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2006-2313 Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling of invalidly-encoded multibyte text data...
USN-288-1: PostgreSQL server/client vulnerabilities
CVE-2006-2313: Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling of invalidly-encoded multibyte text data. If a client application processed untrusted input without respecting its encoding and applied standard string escaping techniques such as replacing a single quote '''''''...
Ubuntu 5.04 / 5.10 : postgresql-7.4/-8.0, postgresql, psycopg, (USN-288-1)
CVE-2006-2313: Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling of invalidly-encoded multibyte text data. If a client application processed untrusted input without respecting its encoding and applied standard string escaping techniques such as replacing a single quote '''''''...