536 matches found
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
Design/Logic Flaw
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
CVE-2023-5868
CVE-2023-5868 affects PostgreSQL memory handling via certain aggregate calls with unknown-type arguments, allowing remote access to parts of server memory through excessive output in aggregates. The issue is documented across multiple vendors' advisories, with remediation generally involving upgr...
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
CVE-2023-5868 Postgresql: memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
USN-6538-1 postgresql-12, postgresql-14, postgresql-15 vulnerabilities
Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2023-5868 Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL arra...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
postgresql: Memory disclosure in aggregate function calls
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
Memory Disclosure
PostgreSQL is vulnerable to Memory Disclosure. The vulnerability is caused due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. This can lead to an attacker access sensitive information by exploiting certain aggregate function call...
The vulnerability of the PostgreSQL database management system lies in the lack of protection for service data in aggregate function calls, allowing attackers to exploit this to disclose protected information.
The vulnerability of the PostgreSQL database management system is related to the lack of protection for service data in aggregate function calls. Exploiting this vulnerability allows a malicious actor to disclose sensitive information when an unknown type is passed as an argument...
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...