CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 8 : postgresql:15 (AXSA:2024-8739:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8739:01 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs...

8.8CVSS7.6AI score0.00743EPSS

Broadcom•added 2025/02/13 12:0 a.m.•5 views

PostgreSQL Vulnerable to Privilege Escalation via Improper Checks in 'pg_stats_ext' and 'pg_stats_ext_exprs' Functions

PostgreSQL is vulnerable to privilege escalation. An attacker could exploit this to access views without correct privileges, potentially gaining access to sensitive data that they shouldn't have access to...

4.3CVSS6.9AI score0.00263EPSS

Exploits0

AstraLinux•added 2024/11/23 3:4 a.m.•3 views

Astra Linux - уязвимость в postgresql-15

Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwi...

4.3CVSS6.9AI score0.00263EPSS

OSV•added 2024/09/17 12:54 a.m.•15 views

RLSA-2024:5927 Important: postgresql:16 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 For more detail...

8.8CVSS7.7AI score0.00743EPSS

Exploits0References2

Tenable Nessus•added 2024/09/16 12:0 a.m.•17 views

Rocky Linux 8 : postgresql:16 (RLSA-2024:5927)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5927 advisory. postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during pgdump...

8.8CVSS7.2AI score0.00743EPSS

Exploits0References4

RedHat Linux•added 2024/09/03 2:26 a.m.•3 views

postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks

A flaw was found in PostgreSQL. Missing authorization in the built-in views pgstatsext and pgstatsextexprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the...

RedHat Linux•added 2024/08/29 11:0 a.m.•4 views

postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks

Tenable Nessus•added 2024/08/29 12:0 a.m.•22 views

AlmaLinux 8 : postgresql:15 (ALSA-2024:6001)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6001 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack...

8.8CVSS7.1AI score0.00743EPSS

Exploits0References4

AlmaLinux•added 2024/08/29 12:0 a.m.•20 views

Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 For more detail...

8.8CVSS9AI score0.00743EPSS

AlmaLinux•added 2024/08/29 12:0 a.m.•12 views

Important: postgresql:15 security update

8.8CVSS9AI score0.00743EPSS

RedHat Linux•added 2024/08/28 12:11 p.m.•4 views

postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks

RedHat Linux•added 2024/08/28 11:46 a.m.•5 views

postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks

AlmaLinux•added 2024/08/28 12:0 a.m.•23 views

Important: postgresql:16 security update

8.8CVSS7.8AI score0.00743EPSS

OSV•added 2024/08/28 12:0 a.m.•15 views

ALSA-2024:5929 Important: postgresql:16 security update

8.8CVSS7.7AI score0.00743EPSS

OSV•added 2024/07/31 8:31 a.m.•11 views

SUSE-SU-2024:2262-2 Security update for postgresql14

This update for postgresql14 fixes the following issues: - Upgrade to 14.12 bsc1224051: - CVE-2024-4317: Restrict visibility of pgstatsext and pgstatsextexprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. bsc1224038...

4.3CVSS5.8AI score0.00263EPSS

Exploits0References4

Tenable Nessus•added 2024/07/31 12:0 a.m.•18 views

SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2024:2262-3)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2262-3 advisory. - Upgrade to 14.12 bsc1224051: - CVE-2024-4317: Restrict visibility of pgstatsext and pgstatsextexprs entries to the table owner. See releas...

4.3CVSS6.6AI score0.00263EPSS

OpenVAS•added 2024/07/10 12:0 a.m.•11 views

openSUSE Security Advisory (SUSE-SU-2024:2261-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.00263EPSS

Amazon•added 2024/06/14 12:0 a.m.•2 views

Low: postgresql15

Issue Overview: postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 Affected Packages: postgresql15 Issue Correction: Run dnf update postgresql15 --releasever 2023.4.20240611 or dnf update --advisory ALAS2023-2024-635 --releasever 2023.4.20240611 to updat...

4.3CVSS6.9AI score0.00263EPSS

Exploits0

UbuntuCve•added 2024/05/14 3:43 p.m.•48 views

CVE-2024-4317

4.3CVSS6.8AI score0.00263EPSS