9 matches found

UbuntuCve
added 2025/11/13 12:0 a.m., 3 views

CVE-2025-12817

Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before...

CVSS 3.1, AI score 6.1, EPSS 0.00061
Exploits: 0, References: 3

UbuntuCve
added 2024/11/14 1:15 p.m., 8 views

CVE-2024-10979

Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions...

CVSS 8.8, AI score 7.3, EPSS 0.06356
Exploits: 1, References: 4

SUSE CVE
added 2024/06/04 1:24 p.m., 4 views

SUSE CVE-2019-9193

In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary...

CVSS 9, AI score 7.6, EPSS 0.93645
Exploits: 17, References: 3

Broadcom
added 2023/05/19 12:0 a.m., 38 views

CVE-2018-1053 - Ensure that all temporary files made with "pg_upgrade" are non-world-readable

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of pg_dumpall -g under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which...

CVSS 7, AI score 6.6, EPSS 0.00088
Exploits: 0

UbuntuCve
added 2021/11/11 12:0 a.m., 33 views

CVE-2021-23222

A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption...

CVSS 5.9, AI score 6.8, EPSS 0.00281
Exploits: 0, References: 4

Ubuntu
added 2018/08/16 1:9 p.m., 278 views

USN-3744-1: PostgreSQL vulnerabilities

Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

CVSS 8.5, AI score 7.6, EPSS 0.01753
Exploits: 0

UbuntuCve
added 2017/11/09 12:0 a.m., 32 views

CVE-2017-15098

Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...

CVSS 8.1, AI score 7.1, EPSS 0.00908
Exploits: 0, References: 3

Ubuntu
added 2016/08/18 6:43 p.m., 57 views

USN-3066-1: PostgreSQL vulnerabilities

Heikki Linnakangas discovered that PostgreSQL incorrectly handled certain nested CASE/WHEN expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. CVE-2016-5423 Nathan Bossart discovered that PostgreSQL incorrectly handled speci...

CVSS 8.3, AI score 7.3, EPSS 0.034
Exploits: 0

Tenable Nessus
added 2016/04/22 12:0 a.m., 17 views

PostgreSQL 9.3 < 9.3.10 / 9.4 < 9.4.5 DoS

Binary data 9263.prm...

CVSS 6.4, AI score 7.3, EPSS 0.06572
Exploits: 0, References: 5