
29 matches found

CVE
added 2023/12/12 12:0 a.m. · 37 views

CVE-2023-41115

CVE-2023-41115 affects EnterpriseDB Postgres Advanced Server (EPAS). The issue arises in the UTL_ENCODE function: authenticated users can read large objects regardless of permissions due to improper permission validation. Affected EPAS/EDB versions include 11.x up to 15.x before the stated fixes ...

CVSS 6.5 · AI score 6.3 · EPSS 0.00589
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2023/12/12 12:0 a.m. · 5 views

EnterpriseDB Postgres Advanced Server Security Vulnerability

EnterpriseDB Postgres Advanced Server EPAS is an application from EnterpriseDB, Inc. It is used to extend the functionality of Postgres databases. A security vulnerability exists in EnterpriseDB Postgres Advanced Server that originates from the inclusion of packages, standalone packages, and...

CVSS 9.8 · AI score 6.8 · EPSS 0.00759
Exploits 0 · References 2

Cvelist
added 2023/12/12 12:0 a.m. · 21 views

CVE-2023-41113

An issue was discovered in EnterpriseDB Postgres Advanced Server EPAS before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It allows an authenticated user to obtain information about whether certain files exist on disk, what errors if any occ...

CVSS 4.3 · AI score 4.7 · EPSS 0.00474
Exploits 0 · References 1

CVE
added 2023/12/12 12:0 a.m. · 38 views

CVE-2023-41120

CVE-2023-41120 affects EnterpriseDB Postgres Advanced Server (EPAS) and EDB Postgres Advanced Server variants. A flaw in DBMS_PROFILER allows an authenticated user to remove all accumulated profiling data on a system-wide basis, bypassing permissions. Affected versions include EPAS before 11.21.3...

CVSS 6.5 · AI score 6.3 · EPSS 0.00526
Exploits 0 · References 1 · Affected Software 1

CVE
added 2023/12/12 12:0 a.m. · 33 views

CVE-2023-41119

The CVE-2023-41119 issue affects EnterpriseDB Postgres Advanced Server (EPAS) due to the function _dbms_aq_move_to_exception_queue, which can be used to elevate a user’s privileges to superuser by operating on a table’s OID with superuser rights. Affected EPAS versions are: 11.x before 11.21.32; ...

CVSS 8.8 · AI score 8.5 · EPSS 0.00625
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2023/12/12 12:0 a.m. · 4 views

EnterpriseDB Postgres Advanced Server Security Vulnerability

EnterpriseDB Postgres Advanced Server EPAS is an application from EnterpriseDB, Inc. used to extend the functionality of Postgres databases. A security vulnerability exists in EnterpriseDB Postgres Advanced Server that originates from the inclusion of the publicly executable functions geturlastex...

CVSS 6.5 · AI score 6.5 · EPSS 0.00589
Exploits 0 · References 2

CNNVD
added 2023/12/12 12:0 a.m. · 5 views

EnterpriseDB Postgres Advanced Server Security Vulnerability

EnterpriseDB Postgres Advanced Server EPAS is an application from EnterpriseDB, Inc. used to extend the functionality of Postgres databases. A security vulnerability exists in EnterpriseDB Postgres Advanced Server that originates from allowing authenticated users to access certain information...

CVSS 4.3 · AI score 6.6 · EPSS 0.00474
Exploits 0 · References 2

Positive Technologies
added 2023/04/23 12:0 a.m. · 6 views

PT-2023-23120 · Enterprisedb · Edb Postgres Advanced Server

Name of the Vulnerable Software and Affected Versions: EnterpriseDB EDB Postgres Advanced Server EPAS versions prior to 10.23.33; EnterpriseDB EDB Postgres Advanced Server EPAS versions prior to 11.18.29; EnterpriseDB EDB Postgres Advanced Server EPAS versions prior to 12.13.17; EnterpriseDB EDB...

CVSS 7.5 · AI score 7.4 · EPSS 0.0043
Exploits 0 · References 9

IBM Security Bulletins
added 2021/12/03 8:39 p.m. · 37 views

Security Bulletin: EDB PostgreSQL with IBM, EDB Postgres Advanced Server with IBM, IBM Data Management Platform (Enterprise, Standard) are vulnerable to an SQL Injection (CVE-2021-23214)

Summary: EDB PostgreSQL with IBM and EDB Postgres Advanced Server with IBM are vulnerable to an SQL Injection. Vulnerability Details: CVEID: CVE-2021-23214. DESCRIPTION: PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements when the server is configur...

CVSS 8.1 · AI score 7.4 · EPSS 0.01901
Exploits 0 · Affected Software 1