Download
| Alert*
|
oval:org.secpod.oval:def:44450
PostgreSQL 10.x (64-bit) is installed oval:org.secpod.oval:def:45858 The host is installed with PostgreSQL 10.x before 10.2 and is prone to a memory disclosure vulnerability. The flaw present in the application fails to handle purpose-crafted inserts to a partitioned table. Successful exploitation allows attackers to read arbitrary bytes of server memory. oval:org.secpod.oval:def:49796 The host is installed with PostgreSQL 10.x before 10.6 or 11.x before 11.1 and is prone to an SQL injection vulnerability. The flaw present in the application's pg_upgrade and pg_dump. Successful exploitation allows attackers to cause arbitrary SQL statements to run, with superuser privileges. oval:org.secpod.oval:def:44448 The host is installed with PostgreSQL 10.x before 10.1, 9.2.x before 9.2.24, 9.3.x before 9.3.20, 9.4.x before 9.4.15, 9.5.x before 9.5.10 or 9.6.x before 9.6.6 and is prone to a remote privilege escalation vulnerability. The flaws present in the application fails to handle the initialization script ... oval:org.secpod.oval:def:87207 The host is installed with PostgreSQL 9.6.x before 9.6.22, 10.x before 10.17, 11.x before 11.12, 12.x before 12.7 or 13.x before 13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle the INSERT ... ON CONFLICT ... DO UPDATE command o ... oval:org.secpod.oval:def:87206 The host is installed with PostgreSQL 9.6.x before 9.6.22, 10.x before 10.17, 11.x before 11.12, 12.x before 12.7 or 13.x before 13.3 and is prone to an integer overflow vulnerability. A flaw is present in the application which fails to handle bounds checks issue while modifying certain SQL array va ... oval:org.secpod.oval:def:55915 The host is installed with PostgreSQL 10.x before 10.9 and 11.x before 11.4 and is prone to an stack-based buffer overflow vulnerability. A flaw is present in the application which fails to handle crafted passwords. Successful exploitation allows attackers to execute arbitrary code as the PostgreSQL ... oval:org.secpod.oval:def:45856 The host is installed with PostgreSQL 10.x before 10.4 or 9.6.x before 9.6.9 and is prone to a privilege escalation vulnerability. The flaw present in the application fails to handle a pg_catalog.pg_logfile_rotate() function issue. Successful exploitation allows attackers to force log rotation. oval:org.secpod.oval:def:47263 The host is installed with PostgreSQL 10.x before 10.5, 9.6.x before 9.6.10, 9.5.x before 9.5.14, 9.4.x before 9.4.19, and 9.3.x before 9.3.24 and is prone to a security bypass vulnerability. The flaw present in the application's libpq component where it fails to properly reset its internal state be ... oval:org.secpod.oval:def:47262 The host is installed with PostgreSQL 10.x before 10.5, 9.6.x before 9.6.10, 9.5.x before 9.5.14, 9.4.x before 9.4.19, and 9.3.x before 9.3.24 and is prone to a security bypass vulnerability. The flaw present in the application's libpq component where it fails to properly reset its internal state be ... oval:org.secpod.oval:def:44452 The host is installed with PostgreSQL 10.x before 10.1, 9.5.x before 9.5.10 or 9.6.x before 9.6.6 and is prone to a security bypass vulnerability. The flaws present in the application fails to handle the SELECT privileges in INSERT ... ON CONFLICT DO UPDATE commands. Successful exploitation allows a ... oval:org.secpod.oval:def:44451 The host is installed with PostgreSQL 10.x before 10.1, 9.3.x before 9.3.20, 9.4.x before 9.4.15, 9.5.x before 9.5.10 or 9.6.x before 9.6.6 and is prone to a memory disclosure vulnerability. The flaw present in the application fails to handle the json function call issue. Successful exploitation all ... oval:org.secpod.oval:def:45857 The host is installed with PostgreSQL 10.x before 10.2, 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11 or 9.6.x before 9.6.7 and is prone to an information disclosure vulnerability. The flaw present in the application fails to handle issues in pg_upgrade function. Successful exploitat ... oval:org.secpod.oval:def:45859 The host is installed with PostgreSQL 9.3 through 10 and is prone to a privilege escalation vulnerability. The flaw present in the application fails to prevent a user from modifying the behavior of a query for other users.. Successful exploitation allows attackers to execute code with the permission ... oval:org.secpod.oval:def:59792 The host is installed with PostgreSQL 11.x before 11.3, 10.x before 10.8, 9.5.x before 9.5.17 or 9.6.x before 9.6.13 and is prone to a security bypass vulnerability. A flaw is present in the application fails to handle an evaluation issue in row security policies. Successful exploitation allows atta ... oval:org.secpod.oval:def:87204 The host is installed with PostgreSQL 11.x before 11.5, 10.x before 10.10, 9.6.x before 9.6.15, 9.5.x before 9.5.19, 9.4.x before 9.4.24 and is prone to a SQL injection vulnerability. A flaw is present in the application which fails to properly handle the SECURITY DEFINER function. Successful exploi ... |
