Download
| Alert*
oval:org.secpod.oval:def:49797
PostgreSQL 11.x (64-bit) is installed oval:org.secpod.oval:def:49796 The host is installed with PostgreSQL 10.x before 10.6 or 11.x before 11.1 and is prone to an SQL injection vulnerability. The flaw present in the application's pg_upgrade and pg_dump. Successful exploitation allows attackers to cause arbitrary SQL statements to run, with superuser privileges. oval:org.secpod.oval:def:87210 The host is installed with PostgreSQL 11.x before 11.13, 12.x before 12.8 or 13.x before 13.4 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle a purpose-crafted query. Successful exploitation allows attackers to read arbitrary bytes ... oval:org.secpod.oval:def:87208 The host is installed with PostgreSQL 11.x before 11.12, 12.x before 12.7 or 13.x before 13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle the UPDATE ... RETURNING command on a purpose-crafted table. Successful exploitation allow ... oval:org.secpod.oval:def:87209 The host is installed with PostgreSQL 11.x before 11.11, 12.x before 12.6 or 13.x before 13.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle a user having UPDATE permission but not SELECT permission. Successful exploitation allows ... oval:org.secpod.oval:def:87207 The host is installed with PostgreSQL 9.6.x before 9.6.22, 10.x before 10.17, 11.x before 11.12, 12.x before 12.7 or 13.x before 13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle the INSERT ... ON CONFLICT ... DO UPDATE command o ... oval:org.secpod.oval:def:59793 The host is installed with PostgreSQL 11.x before 11.3 and is prone to an information disclosure vulnerability. A flaw is present in the application fails to handle a purpose-crafted insert to a partitioned table. Successful exploitation allows attackers to read arbitrary bytes of server memory. oval:org.secpod.oval:def:87206 The host is installed with PostgreSQL 9.6.x before 9.6.22, 10.x before 10.17, 11.x before 11.12, 12.x before 12.7 or 13.x before 13.3 and is prone to an integer overflow vulnerability. A flaw is present in the application which fails to handle bounds checks issue while modifying certain SQL array va ... oval:org.secpod.oval:def:55915 The host is installed with PostgreSQL 10.x before 10.9 and 11.x before 11.4 and is prone to an stack-based buffer overflow vulnerability. A flaw is present in the application which fails to handle crafted passwords. Successful exploitation allows attackers to execute arbitrary code as the PostgreSQL ... oval:org.secpod.oval:def:90318 The host is installed with PostgreSQL 11.x before 11.20, 12.x before 12.15, 13.x before 13.11 or 14.x before 14.8, or 15.x before 15.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to handle the CREATE SCHEMA, schema_element which defeats prot ... oval:org.secpod.oval:def:59792 The host is installed with PostgreSQL 11.x before 11.3, 10.x before 10.8, 9.5.x before 9.5.17 or 9.6.x before 9.6.13 and is prone to a security bypass vulnerability. A flaw is present in the application fails to handle an evaluation issue in row security policies. Successful exploitation allows atta ... oval:org.secpod.oval:def:87204 The host is installed with PostgreSQL 11.x before 11.5, 10.x before 10.10, 9.6.x before 9.6.15, 9.5.x before 9.5.19, 9.4.x before 9.4.24 and is prone to a SQL injection vulnerability. A flaw is present in the application which fails to properly handle the SECURITY DEFINER function. Successful exploi ... oval:org.secpod.oval:def:87205 The host is installed with PostgreSQL 11.x before 11.5 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application which fails to properly handle the memory disclosure in cross-type comparison for hashed subplan. Successful exploitation allows attackers to read arbitrar ... oval:org.secpod.oval:def:90320 The host is installed with PostgreSQL 11.x before 11.20, 12.x before 12.15, 13.x before 13.11 or 14.x before 14.8, or 15.x before 15.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to handle an issue in databases that have used CREATE POLICY t ... |