Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

229 matches found

Tenable Nessus
Tenable Nessusadded 2005/02/15 12:0 a.m.21 views

GLSA-200502-19 : PostgreSQL: Buffer overflows in PL/PgSQL parser

The remote host is affected by the vulnerability described in GLSA-200502-19 PostgreSQL: Buffer overflows in PL/PgSQL parser PostgreSQL is vulnerable to several buffer overflows in the PL/PgSQL parser. Impact : A remote attacker could send a malicious query resulting in the execution of arbitrary...

6.5CVSS6.3AI score0.0195EPSS
Exploits0References2
OSV
OSVadded 2005/02/15 12:0 a.m.19 views

DSA-683-1 postgresql - buffer overflows

Bulletin has no description...

7.5CVSS5.9AI score0.23114EPSS
Exploits1
Gentoo Linux
Gentoo Linuxadded 2005/02/14 12:0 a.m.30 views

PostgreSQL: Buffer overflows in PL/PgSQL parser

Background PostgreSQL is a SQL compliant, open source object-relational database management system. Description PostgreSQL is vulnerable to several buffer overflows in the PL/PgSQL parser. Impact A remote attacker could send a malicious query resulting in the execution of arbitrary code with the...

6.5CVSS7.5AI score0.0195EPSS
Exploits0
PostrgeSql
PostrgeSqladded 2005/02/08 5:0 a.m.74 views

Vulnerability in core server (CVE-2005-0245)

Multiple buffer overflows in the PL/PGSQL parser may allow attackers to execute arbitrary code. A valid login is required to exploit this vulnerability...

7.5CVSS6.8AI score0.23114EPSS
Exploits1Affected Software1
PostrgeSql
PostrgeSqladded 2005/02/08 5:0 a.m.61 views

Vulnerability in core server (CVE-2005-0247)

Multiple buffer overflows in the PL/PGSQL parser may allow attackers to execute arbitrary code. A valid login is required to exploit this vulnerability...

6.5CVSS6.7AI score0.0195EPSS
Exploits0Affected Software1
FreeBSD
FreeBSDadded 2005/02/07 12:0 a.m.28 views

postgresql -- multiple buffer overflows in PL/PgSQL parser

The PL/PgSQL parser in postgresql is vulnerable to several buffer overflows. These could be exploited by a remote attacker to execute arbitrary code with the permissions of the postgresql server by running a specially crafted query...

6.5CVSS7.3AI score0.0195EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2004/09/29 12:0 a.m.28 views

Debian DSA-370-1 : pam-pgsql - format string

Florian Zumbiehl reported a vulnerability in pam-pgsql whereby the username to be used for authentication is used as a format string when writing a log message. This vulnerability may allow an attacker to execute arbitrary code with the privileges of the program requesting PAM authentication...

7.5CVSS5.9AI score0.01882EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2004/09/29 12:0 a.m.25 views

Debian DSA-469-1 : pam-pgsql - missing input sanitising

Primoz Bratanic discovered a bug in libpam-pgsql, a PAM module to authenticate using a PostgreSQL database. The library does not escape all user-supplied data that are sent to the database. An attacker could exploit this bug to insert SQL statements. %NASLMINLEVEL 70300 C Tenable Network Security...

7.5CVSS5.7AI score0.00563EPSS
Exploits0References3
NVD
NVDadded 2004/05/04 4:0 a.m.14 views

CVE-2004-0366

SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements...

7.5CVSS7.9AI score0.00563EPSS
Exploits0References4
Debian CVE
Debian CVEadded 2004/04/06 4:0 a.m.14 views

CVE-2004-0366

Removed by vendor...

7.5CVSS6.7AI score0.00563EPSS
Exploits0
Cvelist
Cvelistadded 2004/04/06 4:0 a.m.14 views

CVE-2004-0366

SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements...

7.8AI score0.00563EPSS
Exploits0References4
CVE
CVEadded 2004/04/06 4:0 a.m.60 views

CVE-2004-0366

CVE-2004-0366 affects libpam-pgsql (pam-pgsql) with a SQL injection vulnerability present in versions prior to 0.5.2. The underlying issue is missing input sanitising that allows an attacker to insert arbitrary SQL statements when data is sent to PostgreSQL. Debian and OpenVAS entries document th...

7.5CVSS7.8AI score0.00563EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2004/04/06 12:0 a.m.3 views

PT-2004-1520 · Unknown · Libpam-Pgsql

Name of the Vulnerable Software and Affected Versions: libpam-pgsql versions prior to 0.5.2 Description: The issue allows attackers to execute arbitrary SQL statements due to a SQL injection vulnerability in the libpam-pgsql library. Recommendations: For versions prior to 0.5.2, update to version...

7.5CVSS7.7AI score0.00563EPSS
Exploits0References6
Debian
Debianadded 2004/03/29 1:44 p.m.17 views

[SECURITY] [DSA 469-1] New libpam-pgsql packages fix SQL injection

-------------------------------------------------------------------------- Debian Security Advisory DSA 469-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2004 http://www.debian.org/security/faq -...

7.5CVSS6.5AI score0.00563EPSS
Exploits0
Debian
Debianadded 2004/03/29 1:44 p.m.21 views

[SECURITY] [DSA 469-1] New libpam-pgsql packages fix SQL injection

-------------------------------------------------------------------------- Debian Security Advisory DSA 469-1 [email protected] http://www.debian.org/security/ Martin Schulze March 29th, 2004 http://www.debian.org/security/faq -...

7.5CVSS0.4AI score0.00563EPSS
Exploits0
OSV
OSVadded 2004/03/29 12:0 a.m.12 views

DSA-469 pam-pgsql - missing input sanitising

Bulletin has no description...

7.5CVSS6.4AI score0.00563EPSS
Exploits0
NVD
NVDadded 2003/08/27 4:0 a.m.8 views

CVE-2003-0672

Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message...

7.5CVSS7.5AI score0.01882EPSS
Exploits0References1
Cvelist
Cvelistadded 2003/08/14 4:0 a.m.16 views

CVE-2003-0672

Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message...

7.5AI score0.01882EPSS
Exploits0References1
CVE
CVEadded 2003/08/14 4:0 a.m.54 views

CVE-2003-0672

CVE-2003-0672 describes a format-string vulnerability in pam-pgsql 0.5.2 and earlier, where the username supplied during authentication is treated as a format string when writing logs. This can allow remote attackers to execute arbitrary code with the privileges of the PAM-authenticating process....

7.5CVSS7.5AI score0.01882EPSS
Exploits0References1Affected Software1
securityvulns
securityvulnsadded 2003/08/10 12:0 a.m.54 views

[SECURITY] [DSA-370-1] New pam-pgsql packages fix format string vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 370-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 8th, 2003 http://www.debian.org/security/faq -...

7.5CVSS0.7AI score0.01882EPSS
Exploits0
Rows per page
Query Builder