62 matches found

Tenable Nessus
added 2021/02/01 12:0 a.m. | 233 views

CentOS 8 : postgresql:10 (CESA-2020:5567)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5567 advisory. - postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 - postgresql: Multiple features escape security restricted operati...

CVSS 8.8 | AI score 6.5 | EPSS 0.4644
Exploits 0 | References 4

Tenable Nessus
added 2021/01/21 12:0 a.m. | 149 views

RHEL 8 : postgresql:10 (RHSA-2021:0166)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0166 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream...

CVSS 9 | AI score 7.6 | EPSS 0.4644
Exploits 0 | References 20

Tenable Nessus
added 2021/01/18 12:0 a.m. | 52 views

RHEL 8 : postgresql:10 (RHSA-2021:0161)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0161 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream...

CVSS 8.8 | AI score 6.7 | EPSS 0.4644
Exploits 0 | References 8

RedHat Linux
added 2020/12/22 9:27 a.m. | 5 views

postgresql: Stack-based buffer overflow via setting a password

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the...

CVSS 9 | AI score 8.1 | EPSS 0.03711
Exploits 0 | References 5

Tenable Nessus
added 2020/12/22 12:0 a.m. | 151 views

RHEL 8 : postgresql:10 (RHSA-2020:5664)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5664 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream...

CVSS 9 | AI score 7.6 | EPSS 0.4644
Exploits 0 | References 20

Tenable Nessus
added 2020/12/09 12:0 a.m. | 21 views

SUSE SLES12 Security Update : postgresql, postgresql96, postgresql10 / postgresql12 (SUSE-SU-2020:3343-1)

This update changes the internal packaging for postgresql, and so contains all currently maintained postgresql versions across our SUSE Linux Enterprise 12 products. postgresql12 is shipped new in version 12.3 bsc1171924. The server and client packages only on SUSE Linux Enterprise Server 12 SP5,...

AI score 5.5
Exploits 0 | References 10

OSV
added 2019/09/03 6:18 p.m. | 5 views

OPENSUSE-SU-2019:2062-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner bsc1145092. This update was imported from the SUSE:SLE-15:Update update project...

CVSS 8.8 | AI score 9.5 | EPSS 0.0217
Exploits 0 | References 3

OpenVAS
added 2019/06/21 12:0 a.m. | 91 views

Ubuntu: Security Advisory (USN-4027-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9 | AI score 8.8 | EPSS 0.03711
Exploits 0 | References 2

Veracode
added 2019/01/15 9:19 a.m. | 28 views

Arbitrary Code Execution

rh-postgresql95-postgresql is vulnerable to arbitrary code execution attacks. The vulnerability exists as PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and...

CVSS 6.7 | AI score 7.3 | EPSS 0.00586
Exploits 0 | References 9 | Affected Software 3

OSV
added 2018/11/19 4:53 p.m. | 4 views

SUSE-SU-2018:3811-1 Security update for SUSE Manager Server 3.1

This update includes the following new features: - Add support for postgresql 10 fate325659 This update fixes the following issues: py26-compat-salt: - Update Salt version to 2016.11.10 - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api bsc1113698. - CVE-2018-15751: Fixed remot...

CVSS 9.8 | AI score 8.4 | EPSS 0.02739
Exploits 0 | References 38

OPENSUSE Linux
added 2018/10/12 12:9 p.m. | 68 views

Security update for postgresql10 (moderate)

This update brings postgresql10 version 10.5 to openSUSE Leap 42.3. FATE325659 bnc1108308 This release marks the change of the versioning scheme for PostgreSQL to a "x.y" format. This means the next minor releases of PostgreSQL will be 10.1, 10.2, ... and the next major release will be 11...

AI score 1.4
Exploits 0 | References 1

OSV
added 2018/08/30 2:11 p.m. | 5 views

SUSE-SU-2018:2564-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: PostgreSQL 10 was updated to 10.5: - https://www.postgresql.org/about/news/1851/ - https://www.postgresql.org/docs/current/static/release-10-5.html A dump/restore is not required for those running 10.X. However, if you use the adminpack...

CVSS 9.1 | AI score 8.5 | EPSS 0.05154
Exploits 0 | References 7

Ubuntu
added 2018/08/16 1:9 p.m. | 284 views

USN-3744-1: PostgreSQL vulnerabilities

Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

CVSS 8.5 | AI score 7.6 | EPSS 0.05154
Exploits 0

UbuntuCve
added 2018/02/09 2:29 p.m. | 27 views

CVE-2018-1052

Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table...

CVSS 6.5 | AI score 6.8 | EPSS 0.01826
Exploits 0 | References 1

OSV
added 2018/02/09 2:29 p.m. | 26 views

CVE-2018-1052

Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table...

CVSS 6.5 | AI score 6.4
Exploits 0 | References 2

NVD
added 2018/02/09 2:29 p.m. | 20 views

CVE-2018-1052

Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table...

CVSS 6.5 | AI score 6.4 | EPSS 0.01826
Exploits 0 | References 2

Prion
added 2018/02/09 2:29 p.m. | 28 views

Design/Logic Flaw

Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table...

CVSS 4 | AI score 6.2 | EPSS 0.01826
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2018/02/09 2:0 p.m. | 34 views

CVE-2018-1052

Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table...

AI score 6.4 | EPSS 0.01826
Exploits 0 | References 2

Debian CVE
added 2018/02/09 2:0 p.m. | 30 views

CVE-2018-1052

Removed by vendor...

CVSS 6.5 | AI score 6.8 | EPSS 0.01826
Exploits 0

OSV
added 2017/11/22 6:29 p.m. | 27 views

CVE-2017-15099

INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE...

CVSS 6.5 | AI score 6.8
Exploits 0 | References 7