17 matches found
Astra Linux – Vulnerability in PostgresSQL 11
A flaw was discovered in PostgreSQL versions prior to 13.3, before 12.7, before 11.12, before 10.17, and before 9.6.22. When modifying certain SQL array values, missing bounds checks allow authenticated database users to write arbitrary bytes into a wide range of server memory. The greatest threa...
EUVD-2021-18893
Malware in sbrugna...
EUVD-2023-58143
Malicious code in bioql PyPI...
USN-6538-1: PostgreSQL vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information...
BIT-POSTGRESQL-2023-5869 Postgresql: buffer overrun from integer overflow in array modification
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2024-464)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-464 advisory. Certain aggregate function calls receiving unknown-type arguments could disclose bytes of server memory from the end of the unknown-type value to the next zero byte. One typically gets an...
RHEL 8 : postgresql:10 (RHSA-2023:7778)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7778 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in arra...
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
Integer overflow
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
Arbitrary Code Execution
The PostgreSQL is vulnerable to Arbitrary Code Execution. The vulnerability is caused due to missing overflow checks during SQL array value modification. This can lead to an authenticated database user write arbitrary bytes to memory and extensively read the server's memory by exploiting an integ...
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
EulerOS Virtualization 3.0.2.6 : postgresql (EulerOS-SA-2021-2906)
According to the versions of the postgresql package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While...
SUSE SLED12: postgresql10 / postgresql10-contrib / postgresql10-devel / etc (SUSE-SU-2021:3481-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3481-1 advisory. - Fix for build with llvm12 on s390x. bsc1185952 - Re-enable 'icu' for PostgreSQL 10. bsc1179945 - Add...
Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2021-2426)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
postgresql is vulnerable to denial of service DoS. The vulnerability exists through the lack of bounds check during the modification of certain SQL array values, allowing authenticated database users write arbitrary bytes to a wide area of server memory...