CVE-2026-11956

A vulnerability was determined in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute. The attack can be launched remotely. This attac...

PT-2026-48659

A vulnerability was determined in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute. The attack can be launched remotely. This attac...

Astra Linux – Vulnerability in mbedtls

Mbed TLS versions before 3.0.1 have a double-free error under certain out-of-memory conditions, as demonstrated by a failure in the mbedtlssslsetsession function...

JLSEC-2026-49

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...

EUVD-2006-0685

Malware in sbrugna...

EUVD-2009-3455

Malware in sbrugna...

ROS-20241211-02

CREATE POLICY row-protected table security policy vulnerability in the PostgreSQL database management system PostgreSQL is related to a lack of consistency between independent views of shared state. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary...

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability...

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability...

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability...

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability...

Security update for postgresql14

This update for postgresql14 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...

SUSE-SU-2024:4176-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

Security update for postgresql13

This update for postgresql13 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...

SUSE-SU-2024:4175-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability...

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability...

Security update for postgresql13

This update for postgresql13 fixes the following issues: CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiatio...

SUSE-SU-2024:4098-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference bsc1233323. - CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol...