Lucene search
K

13409 matches found

OSV
OSV
added 2024/05/14 3:43 p.m.1 views

DEBIAN-CVE-2024-4317

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

4.3CVSS6.5AI score0.00722EPSS
Exploits0References1
Chainguard
Chainguard
added 2024/05/14 3:43 p.m.5 views

CVE-2024-4317 vulnerabilities

Vulnerabilities for packages: postgresql...

4.3CVSS7AI score0.00722EPSS
Exploits0
Wolfi
Wolfi
added 2024/05/14 3:43 p.m.124 views

CVE-2024-4317 vulnerabilities

Vulnerabilities for packages: postgresql...

4.3CVSS7.5AI score0.00722EPSS
Exploits0
NVD
NVD
added 2024/05/14 3:43 p.m.18 views

CVE-2024-4317

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

4.3CVSS4.1AI score0.00722EPSS
Exploits0References2
OSV
OSV
added 2024/05/14 3:43 p.m.20 views

CVE-2024-4317

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

4.3CVSS6.6AI score0.00722EPSS
Exploits0References2
OSV
OSV
added 2024/05/14 3:43 p.m.0 views

UBUNTU-CVE-2024-4317

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

4.3CVSS7AI score0.00722EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/05/14 3:43 p.m.49 views

CVE-2024-4317

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

4.3CVSS6.8AI score0.00722EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2024/05/14 3:36 p.m.16 views

CVE-2024-32655

Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This cause...

8.1CVSS7.7AI score0.01716EPSS
Exploits0
NVD
NVD
added 2024/05/14 3:36 p.m.14 views

CVE-2024-32655

Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This cause...

8.1CVSS8.3AI score0.01716EPSS
Exploits0References15
OSV
OSV
added 2024/05/14 3:36 p.m.1 views

UBUNTU-CVE-2024-32655

Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This cause...

8.1CVSS6.2AI score0.01716EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/05/14 3:36 p.m.48 views

CVE-2024-32655

Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This cause...

8.1CVSS7.4AI score0.01716EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2024/05/14 7:0 a.m.3 views

PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks

...

4.3CVSS6.9AI score0.00722EPSS
Exploits0
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

Npgsql 安全漏洞

Npgsql is Npgsql open source an open source .NET data provider program for PostgreSQL. A security vulnerability exists in Npgsql that stems from an overflow issue that can be exploited by an attacker to execute arbitrary SQL statements...

8.1CVSS8.5AI score0.01716EPSS
Exploits0References15
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.2 views

PostgreSQL 安全漏洞

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL. An attacker can exploi...

4.3CVSS6.8AI score0.00722EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/14 12:0 a.m.22 views

Rocky Linux 9 : postgresql (RLSA-2024:0951)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0951 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer...

8CVSS7.9AI score0.01465EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/14 12:0 a.m.17 views

Rocky Linux 9 : postgresql-jdbc (RLSA-2024:1436)

The remote Rocky Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:1436 advisory. - pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is n...

10CVSS7.9AI score0.0481EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/05/14 12:0 a.m.20 views

PostgreSQL 14.x < 14.12, 15.x < 15.7, 16.x < 16.3 Information Disclosure Vulnerability - Windows

PostgreSQL is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.3AI score0.00722EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/05/14 12:0 a.m.17 views

PostgreSQL 14.x < 14.12, 15.x < 15.7, 16.x < 16.3 Information Disclosure Vulnerability - Linux

PostgreSQL is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.3AI score0.00722EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/05/13 12:0 a.m.4 views

The vulnerability of the system representations pg_stats_ext and pg_stats_ext_exprs in the PostgreSQL database allows a perpetrator to enhance their privileges.

The vulnerability of the system representations pgstatsext and pgstatsextexprs in the PostgreSQL database is related to errors in privilege management. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

3.1CVSS6.5AI score0.00722EPSS
Exploits0References12Affected Software9
SUSE CVE
SUSE CVE
added 2024/05/11 2:38 a.m.2 views

SUSE CVE-2024-4317

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

6.2CVSS9.2AI score0.00722EPSS
Exploits0References16
Rows per page
Query Builder