Lucene search
K

536 matches found

NVD
NVD
added 2023/12/10 6:15 p.m.22 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS0.02775EPSS
Exploits0References27
Prion
Prion
added 2023/12/10 6:15 p.m.34 views

Design/Logic Flaw

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4CVSS6.5AI score0.02775EPSS
Exploits0References26Affected Software16
AlpineLinux
AlpineLinux
added 2023/12/10 5:56 p.m.20 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7AI score0.02775EPSS
Exploits0
CVE
CVE
added 2023/12/10 5:56 p.m.724 views

CVE-2023-5868

CVE-2023-5868 affects PostgreSQL memory handling via certain aggregate calls with unknown-type arguments, allowing remote access to parts of server memory through excessive output in aggregates. The issue is documented across multiple vendors' advisories, with remediation generally involving upgr...

4.3CVSS6.8AI score0.02775EPSS
Exploits0References27Affected Software1
Debian CVE
Debian CVE
added 2023/12/10 5:56 p.m.27 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.7AI score0.02775EPSS
Exploits0
Cvelist
Cvelist
added 2023/12/10 5:56 p.m.28 views

CVE-2023-5868 Postgresql: memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.6AI score0.02775EPSS
Exploits0References25
RedHat Linux
RedHat Linux
added 2023/12/07 8:26 a.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/07 8:26 a.m.5 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
OSV
OSV
added 2023/12/06 3:11 p.m.1 views

USN-6538-1 postgresql-12, postgresql-14, postgresql-15 vulnerabilities

Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2023-5868 Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL arra...

8.8CVSS7.4AI score0.04322EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/12/06 9:55 a.m.1 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/06 9:51 a.m.2 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/12/05 4:10 p.m.2 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/30 3:2 p.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/29 2:20 p.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/29 2:18 p.m.2 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/29 2:13 p.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/28 4:5 p.m.3 views

postgresql: Memory disclosure in aggregate function calls

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS7.4AI score0.02775EPSS
Exploits0References6
Veracode
Veracode
added 2023/11/27 9:7 p.m.22 views

Memory Disclosure

PostgreSQL is vulnerable to Memory Disclosure. The vulnerability is caused due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. This can lead to an attacker access sensitive information by exploiting certain aggregate function call...

4.3CVSS6.2AI score0.02775EPSS
Exploits0References27Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/11/16 12:0 a.m.6 views

The vulnerability of the PostgreSQL database management system lies in the lack of protection for service data in aggregate function calls, allowing attackers to exploit this to disclose protected information.

The vulnerability of the PostgreSQL database management system is related to the lack of protection for service data in aggregate function calls. Exploiting this vulnerability allows a malicious actor to disclose sensitive information when an unknown type is passed as an argument...

4.3CVSS6.3AI score0.02775EPSS
Exploits0References16Affected Software11
UbuntuCve
UbuntuCve
added 2023/11/15 12:0 a.m.27 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

4.3CVSS6.8AI score0.02775EPSS
Exploits0References6
Rows per page
Query Builder