4 matches found
SUSE CVE-2026-6638
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...
CVE-2026-6638
Summary: CVE-2026-6638 is a SQL injection vulnerability in PostgreSQL’s logical replication via ALTER SUBSCRIPTION ... REFRESH PUBLICATION. The issue affects major versions 16, 17, and 18 with specific vulnerable minor versions (16.14, 17.10, 18.4) and is triggered at the next REFRESH PUBLICATION...
CVE-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...
Code injection
Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services SES 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain 1 application server configuration, 2 database server configuration including encrypted passwords...