Lucene search
K

48 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:32 a.m.3 views

SUSE CVE-2014-0060

PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command...

4CVSS7.1AI score0.04124EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2014-0205)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.3AI score0.06666EPSS
Exploits6References7
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2014:0461-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.2AI score0.06666EPSS
Exploits6References2
Veracode
Veracode
added 2019/05/02 5:1 a.m.42 views

Integer Overflow

PostgreSQL is an advanced object-relational database management system DBMS. Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause...

6.5CVSS10.1AI score0.06666EPSS
Exploits5References30Affected Software4
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.32 views

Oracle: Security Advisory (ELSA-2014-0211)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6AI score0.06666EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.40 views

Oracle: Security Advisory (ELSA-2014-0249)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6AI score0.06666EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.34 views

Amazon Linux: Security Advisory (ALAS-2014-305)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6AI score0.06666EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.35 views

Amazon Linux: Security Advisory (ALAS-2014-306)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6AI score0.06666EPSS
Exploits5References2
RedHat Linux
RedHat Linux
added 2014/05/12 6:12 p.m.82 views

Important: Red Hat Security Advisory: cfme security, bug fix, and enhancement update

Updated cfme packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat CloudForms 3.0. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whi...

6.5CVSS7.5AI score0.06666EPSS
Exploits7References13
seebug.org
seebug.org
added 2014/04/08 12:0 a.m.322 views

Nixu NameSurfer多个安全漏洞

CVE ID:CVE-2014-0060、CVE-2014-0061、CVE-2014-0062、CVE-2014-0063、CVE-2014-0064、CVE-2014-0065、CVE-2014-0066 Nixu NameSurfer是一个实现集中地址管理覆盖的IPAM软件应用解决方案。 Nixu NameSurfer存在多个安全漏洞: 1,部分输入在使用之前缺少过滤,允许攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 2,解析XML实体时存在错误,允许攻击者利用特制的包含外部实体引用的XML文档来获取本地资源数据或消耗服务器资源。...

6.5CVSS0.2AI score0.06666EPSS
Exploits5
Kaspersky
Kaspersky
added 2014/03/31 12:0 a.m.75 views

KLA10297 Multiple vulnerabilities in PostgreSQL

Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service, unauthorized tables access, bypass group politics restrictions and gain privileges. Below is a complete list of vulnerabilities 1. An improper value check...

6.5CVSS8.4AI score0.06666EPSS
Exploits5References3
CVE
CVE
added 2014/03/28 5:0 p.m.238 views

CVE-2014-0060

CVE-2014-0060 affects PostgreSQL: versions 8.4.19 and earlier, 9.0.x <= 9.0.15, 9.1.x <= 9.1.11, 9.2.x <= 9.2.6, and 9.3.x

4CVSS5.2AI score0.04124EPSS
Exploits2References18Affected Software1
Cvelist
Cvelist
added 2014/03/28 5:0 p.m.31 views

CVE-2014-0060

PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command...

5.3AI score0.04124EPSS
Exploits2References18
Tenable Nessus
Tenable Nessus
added 2014/03/18 12:0 a.m.38 views

Amazon Linux AMI : postgresql8 (ALAS-2014-305)

Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions ...

6.5CVSS8AI score0.06666EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2014/03/18 12:0 a.m.47 views

Amazon Linux AMI : postgresql9 (ALAS-2014-306)

Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions ...

6.5CVSS8AI score0.06666EPSS
Exploits5References8
Check Point Advisories
Check Point Advisories
added 2014/03/17 12:0 a.m.4 views

PostgreSQL Database SET ROLE Security Bypass (CVE-2014-0060)

A policy bypass vulnerability has been found in PostgreSQL database server. The vulnerability is due to a design weakness when granting a role without ADMIN OPTION. A remote attacker can exploit the vulnerability to cause a policy bypass allowing execution of a security-restricted operation or a...

7AI score0.04124EPSS
Exploits2
Amazon
Amazon
added 2014/03/13 12:0 a.m.36 views

Important: postgresql8

Issue Overview: Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause PostgreSQL to crash or, potentially, execute arbitrary code with...

6.5CVSS8.6AI score0.06666EPSS
Exploits5References1
Amazon
Amazon
added 2014/03/13 12:0 a.m.47 views

Important: postgresql9

Issue Overview: Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause PostgreSQL to crash or, potentially, execute arbitrary code with...

6.5CVSS8.6AI score0.06666EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.29 views

CentOS Update for postgresql CESA-2014:0249 centos5

Check for the Version of postgresql OpenVAS Vulnerability Test CentOS Update for postgresql CESA-2014:0249 centos5 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

6.5CVSS0.2AI score0.06666EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.29 views

RedHat Update for postgresql RHSA-2014:0249-01

Check for the Version of postgresql OpenVAS Vulnerability Test RedHat Update for postgresql RHSA-2014:0249-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

6.5CVSS0.3AI score0.06666EPSS
Exploits5References2
Rows per page
Query Builder