Lucene search
K

17 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in PostgresSQL 11

A flaw was discovered in PostgreSQL versions prior to 13.3, before 12.7, before 11.12, before 10.17, and before 9.6.22. When modifying certain SQL array values, missing bounds checks allow authenticated database users to write arbitrary bytes into a wide range of server memory. The greatest threa...

8.8CVSS7.4AI score0.0199EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-18893

Malware in sbrugna...

8.8CVSS7.3AI score0.0199EPSS
Exploits0References26
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-58143

Malicious code in bioql PyPI...

8.8CVSS7.8AI score0.04322EPSS
Exploits0References34
Cloud Foundry
Cloud Foundry
added 2024/03/18 12:0 a.m.35 views

USN-6538-1: PostgreSQL vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information...

8.8CVSS8.1AI score0.04322EPSS
Exploits0Affected Software2
OSV
OSV
added 2024/03/06 11:2 a.m.61 views

BIT-POSTGRESQL-2023-5869 Postgresql: buffer overrun from integer overflow in array modification

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

8.8CVSS8.8AI score0.04322EPSS
Exploits0References36
Tenable Nessus
Tenable Nessus
added 2024/01/08 12:0 a.m.75 views

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2024-464)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-464 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from the end of the unknown-type value to the next zero byte. One typically gets an...

8.8CVSS7.5AI score0.04322EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/12/14 12:0 a.m.27 views

RHEL 8 : postgresql:10 (RHSA-2023:7778)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7778 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in arra...

8.8CVSS7.6AI score0.04322EPSS
Exploits0References4
NVD
NVD
added 2023/12/10 6:15 p.m.18 views

CVE-2023-5869

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

8.8CVSS0.04322EPSS
Exploits0References35
Prion
Prion
added 2023/12/10 6:15 p.m.76 views

Integer overflow

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

6.5CVSS8.4AI score0.04322EPSS
Exploits0References34Affected Software21
Debian CVE
Debian CVE
added 2023/12/10 5:56 p.m.56 views

CVE-2023-5869

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

8.8CVSS8.8AI score0.04322EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/12/10 5:56 p.m.30 views

CVE-2023-5869

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

8.8CVSS9.3AI score0.04322EPSS
Exploits0
Veracode
Veracode
added 2023/11/27 9:7 p.m.33 views

Arbitrary Code Execution

The PostgreSQL is vulnerable to Arbitrary Code Execution. The vulnerability is caused due to missing overflow checks during SQL array value modification. This can lead to an authenticated database user write arbitrary bytes to memory and extensively read the server's memory by exploiting an integ...

8.8CVSS7.4AI score0.04322EPSS
Exploits0References35Affected Software6
UbuntuCve
UbuntuCve
added 2023/11/15 12:0 a.m.59 views

CVE-2023-5869

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...

8.8CVSS7.5AI score0.04322EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/01/06 12:0 a.m.33 views

EulerOS Virtualization 3.0.2.6 : postgresql (EulerOS-SA-2021-2906)

According to the versions of the postgresql package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While...

8.8CVSS7.2AI score0.0199EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/21 12:0 a.m.45 views

SUSE SLED12: postgresql10 / postgresql10-contrib / postgresql10-devel / etc (SUSE-SU-2021:3481-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3481-1 advisory. - Fix for build with llvm12 on s390x. bsc1185952 - Re-enable 'icu' for PostgreSQL 10. bsc1179945 - Add...

8.8CVSS6.9AI score0.0199EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2021/09/15 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2021-2426)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.0199EPSS
Exploits0References2
Veracode
Veracode
added 2021/05/14 10:8 p.m.53 views

Denial Of Service (DoS)

postgresql is vulnerable to denial of service DoS. The vulnerability exists through the lack of bounds check during the modification of certain SQL array values, allowing authenticated database users write arbitrary bytes to a wide area of server memory...

8.8CVSS5.2AI score0.0199EPSS
Exploits0References8Affected Software10
Rows per page
Query Builder