Lucene search
K

8 matches found

OSV
OSV
added 2021/03/19 7:15 p.m.8 views

CVE-2019-10127

A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having...

8.8CVSS7.2AI score0.00315EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/03/19 7:15 p.m.28 views

CVE-2019-10127

A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having...

8.8CVSS7AI score0.00315EPSS
Exploits0References2
CVE
CVE
added 2021/03/19 6:52 p.m.124 views

CVE-2019-10127

CVE-2019-10127 affects PostgreSQL 11.x before 11.3, due to BigSQL/EnterpriseDB Windows installers failing to lock ACLs on the binary and data directories. This allows a local attacker with an unprivileged Windows and PostgreSQL account to cause the service account to execute arbitrary code, read ...

8.8CVSS8.6AI score0.00315EPSS
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/13 10:57 p.m.42 views

Security Bulletin: PostgreSQL vulnerabilities in IBM Robotic Process Automation with Automation Anywhere

Summary IBM Robotic Process Automation with Automation Anywhere is vulnerable to attacks involving PostgreSQL. Vulnerability Details CVEID: CVE-2019-10130 DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to bypass security restrictions, caused by improper input validation by th...

8.8CVSS1.8AI score0.01633EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2019/08/01 12:0 a.m.65 views

PostgreSQL 9.4.x < 9.4.22, 9.5.x < 9.5.17, 9.6.x < 9.6.13, 10.x < 10.8, 11.x < 11.3 Code Execution Vulnerability - Windows

PostgreSQL is prone to an arbitrary code execution vulnerability due to BigSQL and EnterpriseDB Windows installer not clearing permissive ACL entries. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respecti...

8.8CVSS8.5AI score0.00428EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/05/17 12:0 a.m.64 views

PostgreSQL 9.4.x < 9.4.22 / 9.5.x < 9.5.17 / 9.6.x < 9.6.13 / 10.x < 10.8 / 11.x < 11.3 Multiple vulnerabilities

The version of PostgreSQL installed on the remote host is 9.4.x prior to 9.4.22, 9.5.x prior to 9.5.17, 9.6.x prior to 9.6.13, 10.x prior to 10.8, or 11.x prior to 11.3. It is, therefore, affected by multiple vulnerabilities. - A remote code execution vulnerability exists in both, the BigSQL and...

8.8CVSS7.3AI score0.01633EPSS
Exploits1References5
PostrgeSql
PostrgeSql
added 2019/05/09 12:0 a.m.90 views

Vulnerability in packaging (CVE-2019-10127)

BigSQL Windows installer does not clear permissive ACL entries. Due to both the EnterpriseDB and BigSQL Windows installers not locking down the permissions of the PostgreSQL binary installation directory and the data directory, an unprivileged Windows user account and an unprivileged PostgreSQL...

8.8CVSS8.9AI score0.00315EPSS
Exploits0References1Affected Software1
Kaspersky
Kaspersky
added 2019/05/09 12:0 a.m.51 views

KLA11572 Multiple vulnerabilities in PostgreSQL

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A vulnerability in PostgreSQL can be exploited via reading th...

8.8CVSS8.1AI score0.01633EPSS
Exploits1References3
Rows per page
Query Builder