292 matches found

NVD
added 2013/04/04 5:55 p.m., 18 views

CVE-2013-1900

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."...

CVSS 8.5, AI score 9, EPSS 0.04511
Exploits 0, References 21
Prion
added 2013/04/04 5:55 p.m., 25 views

Code injection

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."...

CVSS 8.5, AI score 6.7, EPSS 0.04511
Exploits 0, References 21, Affected Software 2
PostgreSQL
added 2013/04/04 5:00 p.m., 748 views

Vulnerability in contrib module (CVE-2013-1900)

Random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess...

CVSS 8.5, AI score 7.8, EPSS 0.04511
Exploits 0, Affected Software 1
CVE
added 2013/04/04 5:00 p.m., 147 views

CVE-2013-1900

CVE-2013-1900 affects PostgreSQL across multiple branches (9.2.x <9.2.4, 9.1.x <9.1.9, 9.0.x <9.0.13, 8.4.x

CVSS 8.5, AI score 6.7, EPSS 0.04511
Exploits 0, References 21, Affected Software 1
Debian
added 2013/04/04 2:06 p.m., 40 views

[SECURITY] [DSA 2658-1] postgresql-9.1 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2658-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano April 04, 2013 http://www.debian.org/security/faq -...

CVSS 8.5, AI score 1.3, EPSS 0.54312
Exploits 4
Debian
added 2013/04/04 1:47 p.m., 52 views

[SECURITY] [DSA 2657-1] postgresql-8.4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2657-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano April 04, 2013 http://www.debian.org/security/faq -...

CVSS 8.5, AI score 9.5, EPSS 0.54312
Exploits 4
OpenVAS
added 2013/04/04 12:00 a.m., 31 views

Debian Security Advisory DSA 2658-1 (postgresql-9.1 - several vulnerabilities)

Several vulnerabilities were discovered in PostgreSQL database server. CVE-2013-1899: Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source Software Center discovered that it was possible for a connection request containing a database name that begins with "-" to be crafted that can damage or...

CVSS 8.5, AI score 0.5, EPSS 0.54312
Exploits 4, References 1
UbuntuCve
added 2013/04/04 12:00 a.m., 27 views

CVE-2013-1900

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."...

CVSS 8.5, AI score 7.3, EPSS 0.04511
Exploits 0, References 3
OSV
added 2013/04/04 12:00 a.m., 29 views

DSA-2657-1 postgresql-8.4 - guessable random numbers

Bulletin has no description...

CVSS 8.5, AI score 7.3, EPSS 0.04511
Exploits 0
FreeBSD
added 2013/04/04 12:00 a.m., 50 views

PostgreSQL -- anonymous remote access data corruption vulnerability

PostgreSQL project reports: The PostgreSQL Global Development Group has released a security update to all current versions of the PostgreSQL database system, including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security vulnerability in versions 9.0 and later. Al...

CVSS 8.5, AI score 9.2, EPSS 0.54312
Exploits 4
OSV
added 2013/04/04 12:00 a.m., 34 views

DSA-2658-1 postgresql-9.1 - several

Bulletin has no description...

CVSS 8.5, AI score 7.4, EPSS 0.54312
Exploits 4
Tenable Nessus
added 2012/12/28 12:00 a.m., 39 views

PostgreSQL 8.3 < 8.3.19 / 8.4 < 8.4.12 / 9.0 < 9.0.8 / 9.1 < 9.1.4 Multiple Vulnerabilities

The version of PostgreSQL installed on the remote host is 8.3.x prior to 8.3.19, 8.4.x prior to 8.4.12, 9.0.x prior to 9.0.8, or 9.1.x prior to 9.1.4. As such, it is potentially affected by multiple vulnerabilities: Passwords containing the byte 0x80 passed to the crypt function in pgcrypto ar...

CVSS 4.3, AI score 8.1, EPSS 0.05734
Exploits 1, References 7
OpenVAS
added 2012/08/03 12:00 a.m., 24 views

Mandriva Update for postgresql MDVSA-2012:092 (postgresql)

The remote host is missing an update for the...

CVSS 4.3, AI score 8.4, EPSS 0.05734
Exploits 1, References 2
Tenable Nessus
added 2012/08/01 12:00 a.m., 45 views

Scientific Linux Security Update : postgresql on SL4.x, SL5.x, SL6.x i386/x86_64

PostgreSQL is an advanced object-relational database management system (DBMS). A signedness issue was found in the way the crypt function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII...

CVSS 5, AI score 7, EPSS 0.04972
Exploits 0, References 3
Tenable Nessus
added 2012/08/01 12:00 a.m., 40 views

Scientific Linux Security Update : postgresql84 on SL5.x i386/x86_64

PostgreSQL is an advanced object-relational database management system (DBMS). A signedness issue was found in the way the crypt function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII...

CVSS 5, AI score 7, EPSS 0.04972
Exploits 0, References 3
Tenable Nessus
added 2012/08/01 12:00 a.m., 53 views

Scientific Linux Security Update : postgresql on SL5.x i386/x86_64 (20120625)

PostgreSQL is an advanced object-relational database management system (DBMS). A flaw was found in the way the crypt password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed...

CVSS 4.3, AI score 7.8, EPSS 0.05734
Exploits 0, References 2
OpenVAS
added 2012/07/30 12:00 a.m., 29 views

CentOS Update for postgresql CESA-2011:1377 centos4 x86_64

The remote host is missing an update for the...

CVSS 5, AI score 7.4, EPSS 0.04972
Exploits 0, References 3
OpenVAS
added 2012/07/30 12:00 a.m., 23 views

CentOS Update for postgresql CESA-2011:1377 centos5 x86_64

The remote host is missing an update for the...

CVSS 5, AI score 7.4, EPSS 0.04972
Exploits 0, References 3
OpenVAS
added 2012/07/30 12:00 a.m., 38 views

CentOS Update for postgresql CESA-2012:1036 centos5

The remote host is missing an update for the...

CVSS 4.3, AI score 8.4, EPSS 0.05734
Exploits 0, References 2
PostgreSQL
added 2012/07/05 2:00 p.m., 607 views

Vulnerability in contrib module (CVE-2012-2143)

Passwords containing the byte 0x80 passed to the crypt function in pgcrypto are incorrectly truncated if DES encryption was used...

CVSS 4.3, AI score 8, EPSS 0.05734
Exploits 0, Affected Software 1