CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/06/16 12:0 a.m.•5 views

TencentOS Server 3: postgresql:10 (TSSA-2023:0206)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0206 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8CVSS7.2AI score0.0152EPSS

Redos•added 2025/06/16 12:0 a.m.•4 views

ROS-20250616-17

Vulnerability in libpq library of PostgreSQL database management system is associated with buffer overflow when checking PostgreSQL GB18030 encoding. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

5.9CVSS5.8AI score0.00612EPSS

Redos•added 2025/06/16 12:0 a.m.•7 views

ROS-20250616-20

5.9CVSS7.2AI score0.00612EPSS

Redos•added 2025/06/16 12:0 a.m.•4 views

ROS-20250616-19

5.9CVSS7.2AI score0.00612EPSS

Redos•added 2025/06/16 12:0 a.m.•16 views

ROS-20250616-16

5.9CVSS5.8AI score0.00612EPSS

Tenable Nessus•added 2025/06/11 12:0 a.m.•6 views

Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2025-018)

The version of postgresql installed on the remote host is prior to 14.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2025-018 advisory. Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary deni...

5.9CVSS6.7AI score0.00612EPSS

Tenable Nessus•added 2025/06/02 12:0 a.m.•8 views

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2025-974)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-974 advisory. Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination...

5.9CVSS6.6AI score0.00612EPSS

Tenable Nessus•added 2025/05/31 12:0 a.m.•2 views

SUSE SLES12: postgresql16 / postgresql16-contrib / postgresql16-devel / etc (SUSE-SU-2025:01767-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:01767-1 advisory. Upgrade to 16.9: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation...

5.9CVSS6.6AI score0.00612EPSS

Tenable Nessus•added 2025/05/31 12:0 a.m.•3 views

SUSE SLES15 Security Update : postgresql15 (SUSE-SU-2025:01785-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01785-1 advisory. Upgrade to 15.13: - CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fail...

5.9CVSS6.7AI score0.00612EPSS

Tenable Nessus•added 2025/05/29 12:0 a.m.•12 views

Amazon Linux 2 : postgresql (ALAS-2025-2866)

The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2866 advisory. Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, an...

8.1CVSS8.2AI score0.89472EPSS

Exploits10References4

Tenable Nessus•added 2025/05/29 12:0 a.m.•6 views

Amazon Linux 2 : postgresql (ALASPOSTGRESQL13-2025-011)

The version of postgresql installed on the remote host is prior to 13.21-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL13-2025-011 advisory. Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary deni...

5.9CVSS6.7AI score0.00612EPSS

RedhatCVE•added 2025/05/22 6:51 p.m.•7 views

CVE-2021-43767

Odyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is configured to use the PostgreSQL server using 'trust' authentication with a 'clientcert' requirement or to use 'cert' authentication, a man-in-the-middle attacker can inject false responses to the client's...

5.9CVSS7.1AI score0.01501EPSS

OpenVAS•added 2025/05/22 12:0 a.m.•4 views

Ubuntu: Security Advisory (USN-7520-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.1AI score0.00612EPSS

Ubuntu•added 2025/05/21 11:21 a.m.•3 views

USN-7520-2: PostgreSQL vulnerability

USN-7520-1 fixed a vulnerability in PostgreSQL. This update provides the corresponding updates for Ubuntu 25.04. Original advisory details: It was discovered that PostgreSQL incorrectly handled the GB18030 encoding. An attacker could possibly use this issue to cause PostgreSQL to crash, resulting...

5.9CVSS6.9AI score0.00612EPSS

Ubuntu•added 2025/05/20 12:14 p.m.•6 views

USN-7520-1: PostgreSQL vulnerability

It was discovered that PostgreSQL incorrectly handled the GB18030 encoding. An attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service...

5.9CVSS6.8AI score0.00612EPSS

OSV•added 2025/05/20 12:14 p.m.•5 views

USN-7520-1 postgresql-12, postgresql-14, postgresql-16 vulnerability

It was discovered that PostgreSQL incorrectly handled the GB18030 encoding. An attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service...

5.9CVSS7.1AI score0.00612EPSS

Tenable Nessus•added 2025/05/14 12:0 a.m.•3 views

Alibaba Cloud Linux 3 : 0031: postgresql:13 (ALINUX3-SA-2024:0031)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0031 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-0985: Late privilege drop in REFRESH...

8CVSS7.9AI score0.01465EPSS