[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256369

 
 

909

 
 

199183

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 44363 Download | Alert*

CVE-2017-12172: Start scripts permit database administrator to modify root-owned files CVE-2017-15098: Memory disclosure in JSON functions CVE-2017-15099: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges Fixed In: postgresql 9.2.24, postgresql 9.3.20, postgresql 9.4.15, postgresql 9.5.10, postgresql 9.6.6, postgresql 10.1

CVE-2017-7484: selectivity estimators bypass SELECT privilege checks; Fixed In Version: postgresql 9.4.12, postgresql 9.5.7, postgresql 9.6.3

PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql94-postgresql . Security Fix: * It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use t ...

PostgreSQL is an advanced object-relational database management system . Security Fix: * It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access. * It was di ...

This update for ghostscript fixes the following issues: - bsc#1006592: Fix a regression introduced in CVE-2013-5653 by which ps files couldn"t be opened in okular/evince .

This update for ghostscript fixes the following issues: - CVE-2016-8602: Insufficient parameter check in .sethalftone5

This update for ghostscript fixes the following security vulnerabilities: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a Denial-of-Service. CVE-2016-10220: A NULL pointer dereference in the PDF Transparency module allowed re ...

This update for ghostscript-library fixes the following issues: - Multiple security vulnerabilities have been discovered where ghostscript"s -dsafer flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted Postscript file would potentially leak sensitive information to an attacker. - Insufficient validation of ...

This update for cairo fixes the following issues: - CVE-2019-6462: Fixed a potentially infinite loop .

This update for Tomcat fixes the following security issues: - CVE-2014-7810: Security manager bypass via EL expressions. It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could have used this flaw to bypass security manager protections. - CVE-2014-0227: Limited DoS in chunked transfer encoding input filter. It w ...


Pages:      Start    4192    4193    4194    4195    4196    4197    4198    4199    4200    4201    4202    4203    4204    4205    ..   4436

© SecPod Technologies