CVE-2026-6479 PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AFUNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18....

KLA91052 Multiple vulnerabilities in PostgreSQL

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in refint can be exploited to...

EUVD-2007-4753

Malware in sbrugna...

EUVD-2007-4750

Malware in sbrugna...

ROS-20250822-21

A vulnerability in the PHP programming language interpreter is related to insufficient null byte checking in the implementation of the fsockopen function when handling hostnames. Exploitation of the vulnerability could allow an attacker acting remotely to perform SSRF attacks A vulnerability in t...

PostgreSQL DoS Vulnerability (Feb 2025) - Windows

PostgreSQL is prone to a denial of service DoS vulnerability due to a buffer over-read. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OESA-2023-1133 rubygem-activerecord security update

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. Security Fixes: A denial of service vulnerability present in...

CVE-2017-18359

PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted STAsX3D function input, as demonstrated by an abnormal server termination for "SELECT STAsX3D'LINESTRING EMPTY';" because empty geometries are mishandled...

CVE-2012-4575

The adddatabase function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service daemon outage via a long database name in a request...

CVE-2010-0733

Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service daemon crash via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations...

CVE-2002-1397

Vulnerability in the cashwords function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow...