8 matches found
PostgreSQL Anonymizer 安全漏洞
PostgreSQL Anonymizer is an open-source extension developed by DALIBO in France, designed to mask or replace personally identifiable information PII or commercially sensitive data in PostgreSQL databases. PostgreSQL Anonymizer has a security vulnerability that stems from allowing users to create...
CVE-2025-55282 aiven-db-migrate allows Privilege Escalation via unrestricted search_path during migration
aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of searchpath restriction, an attacke...
USN-6968-2 postgresql-9.5 vulnerability
USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS. Original advisory details: Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could...
postgresql: extension script @substitutions@ within quoting allow SQL injection
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct dollar quoting, '', or "". If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with...
dmidecode: dump-bin to overwrite a local file
A vulnerability was found in dmidecode, which allows -dump-bin to overwrite a local file. This issue may lead to the execution of dmidecode via Sudo...
SUSE CVE-2022-1552
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck commands activated relevant protections too late or no...
QNX PPPoEd 2.4/4.25/6.2 - Multiple Local Buffer Overrun Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11104/info QNX PPPoEd is reported to be prone to multiple local buffer overflow vulnerabilities. The issues presents themselves when PPPoEd handles certain command line arguments that are greater than 256 bytes in length...
QNX PPPoEd 2.4/4.25/6.2 - Multiple Local Buffer Overrun Vulnerabilities
source: https://www.securityfocus.com/bid/11104/info QNX PPPoEd is reported to be prone to multiple local buffer overflow vulnerabilities. The issues presents themselves when PPPoEd handles certain command line arguments that are greater than 256 bytes in length. Because variables that are crucia...