8 matches found
USN-5645-1: PostgreSQL vulnerabilities
Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established. (CVE-2021-23214) Tom Lane discovered that PostgreSQL incorrectly handled...
Vulnerability in core server (CVE-2019-10208)
TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution. Given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the identity of the function owner. An attack requires EXECUTE permission on the function, which must itself contain a function call havi...
Important: Red Hat Security Advisory: CloudForms 4.6.6 security, bug fix and enhancement update
An update is now available for CloudForms Management Engine 5.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
RHEL 6 : postgresql92 in Satellite Server (RHSA-2016:1060)
An update for postgresql92-postgresql is now available for Red Hat Satellite 5.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
CentOS 7 : postgresql (CESA-2016:0346)
Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
Debian Security Advisory DSA 3476-1 (postgresql-9.4 - security update)
Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system. CVE-2016-0766: A privilege escalation vulnerability for users of PL/Java was discovered. Certain custom configuration settings (GUCs) for PL/Java will now be modifiable only by the database superuser to mitigate this...
Mandriva Linux Security Advisory : postgresql (MDVSA-2012:092)
Multiple vulnerabilities have been discovered and corrected in postgresql: Fix incorrect password transformation in contrib/pgcrypto's DES crypt function (Solar Designer). If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much...
Ubuntu USN-801-1 (tiff)
The remote host is missing an update to tiff announced via advisory USN-801-1. OpenVAS Vulnerability Test $Id: ubuntu8011.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-801-1 (tiff). Authors: Thomas Reinke...