postgresql security update

9.2.24-9.0.5 - Resolves CVE-2025-1094: Improper neutralization of quoting syntax in certain - libpq functions Orabug: 37843176...

CVE-2025-45525

A NULL pointer dereference vulnerability has been identified in the JavaScript library microlight version 0.0.7, a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before...

CVE-2025-45525

A NULL pointer dereference vulnerability has been identified in the JavaScript library microlight version 0.0.7, a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before...

CVE-2025-45525

A NULL pointer dereference vulnerability has been identified in the JavaScript library microlight version 0.0.7, a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before...

TencentOS Server 2: raptor2 (TSSA-2025:0097)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0097 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

TencentOS Server 4: raptor2 (TSSA-2025:0036)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0036 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-6083

In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...

CVE-2025-6083

In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...

CVE-2025-6083

In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...

CVE-2025-6083

CVE-2025-6083 affects ExtremeCloud Universal ZTNA. A syntax error in the searchKeyword condition allows queries to bypass the owner_id filter, potentially letting a user search data across the entire table instead of constraints tied to their owner_id. The available connected sources consistently...

CVE-2025-6083 ExtremeCloud Universal ZTNA Improper Authorization

In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...

CVE-2025-49582

XWiki platform is affected by a remote code execution risk due to incomplete required-right analyzers for dangerous macros. The issue allows a page to include Groovy or Python macros hidden by a user with lower privileges, which could be executed when another user with higher rights edits the pag...

CVE-2025-49582 XWiki's required right warnings for macros are incomplete

XWiki is a generic wiki platform. When editing content that contains "dangerous" macros like malicious script macros that were authored by a user with fewer rights, XWiki warns about the execution of these macros since XWiki 15.9RC1. These required rights analyzers that trigger these warnings are...

PT-2025-25448

Name of the Vulnerable Software and Affected Versions ExtremeCloud Universal ZTNA affected versions not specified Description A syntax error in the searchKeyword condition allows queries to bypass the owner id filter. This issue may enable users to search data across the entire table, rather than...

Extreme Universal ZTNA 授权问题漏洞

Extreme Universal ZTNA is a complete network access solution from Extreme, Inc. An authorization issue vulnerability exists in Extreme Universal ZTNA that stems from a searchKeyword conditional syntax error that could lead to bypassing the ownerid filter...

CVE-2025-48828

Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocation syntax, such as the "vardump""test" syntax, attackers can bypass security checks and execute...

EUVD-2025-28268

Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocation syntax, such as the "vardump""test" syntax, attackers can bypass security checks and execute...

VulnCheck KEV: CVE-2025-48828

Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocation syntax, such as the "vardump""test" syntax, attackers can bypass security checks and...

CVE-2024-50584

An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by accessing the /class/templateio.php file and supplying malicious GET parameters. The "templates" parameter is vulnerable against blind boolean-based SQL injection attacks. SQL syntax must be injected into the...

CVE-2024-55877

XWiki Platform is a generic wiki platform. Starting in version 9.7-rc-1 and prior to versions 15.10.11, 16.4.1, and 16.5.0, any user with an account can perform arbitrary remote code execution by adding instances of XWiki.WikiMacroClass to any page. This compromises the confidentiality, integrity...