15 matches found
MiracleLinux 9 : postgresql-13.13-1.el9_3 (AXSA:2023-7047:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7047:07 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...
PostgreSQL Vulnerable to Denial-of-Service (DoS) in 'pg_signal_backend()'
PostgreSQL contains a denial-of-service DoS vulnerability. An attacker with superuser permissions could exploit this issue to cause the database to crash...
Postgresql: role pg_signal_backend can signal certain superuser processes.
...
USN-6538-1: PostgreSQL vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information...
CLSA-2024-1707822783 Fix CVE(s): CVE-2023-5868, CVE-2023-5870
SECURITY UPDATE: Memory disclosure in aggregate function calls - debian/patches/CVE-2023-5868.patch: Compute aggregate argument types correctly in transformAggregateCall. - CVE-2023-5868 SECURITY UPDATE: Role "pgsignalbackend" can signal certain superuser processes -...
postgresql: Role pg_signal_backend can signal certain superuser processes.
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
postgresql: Role pg_signal_backend can signal certain superuser processes.
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
postgresql: Role pg_signal_backend can signal certain superuser processes.
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
postgresql: Role pg_signal_backend can signal certain superuser processes.
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
postgresql: Role pg_signal_backend can signal certain superuser processes.
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
postgresql: Role pg_signal_backend can signal certain superuser processes.
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
postgresql: Role pg_signal_backend can signal certain superuser processes.
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
postgresql: Role pg_signal_backend can signal certain superuser processes.
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
The vulnerability of the PostgreSQL database management system lies in the ability to send signals to user processes through the role of pg_signal_backend. This allows a malicious actor to cause a service failure for a specific background process.
The vulnerability of the PostgreSQL database management system relates to the ability to send signals to user processes through the role of pgsignalbackend. Exploiting this vulnerability allows a malicious actor to cause a service failure for a specific background process...
PT-2023-6889 · Unknown +11 · Postgresql +10
Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: The issue is related to the pg signal backend role in PostgreSQL, which allows signaling certain superuser processes. This can be exploited by a remote high-privileged user to launch a...