Lucene search
13 matches found

GithubExploit
added 2026/05/18 5:14 p.m. | 79 views

db-security-ctf

Database Security – CTF Vulnerability Lab SEC304 / CN5134...

5.8 AI score
Exploits: 0
Rockylinux
added 2026/01/14 9:11 a.m. | 4 views

postgresql security update

An update is available for postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. PostgreSQL is an advanced object-relational database management system DBM...

5.9 CVSS | 7 AI score | 0.00307 EPSS
Exploits: 0
OSV
added 2025/08/18 4:44 p.m. | 6 views

CVE-2025-55282 aiven-db-migrate allows Privilege Escalation via unrestricted search_path during migration

aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of search_path restriction, an attacke...

9.1 CVSS | 7.1 AI score | 0.00675 EPSS
Exploits: 0 | References: 4
CVE
added 2025/04/04 2:49 p.m. | 73 views

CVE-2025-31480

CVE-2025-31480 affects the aiven-extras PostgreSQL extension. The root cause is the format function not being schema-prefixed, enabling privilege escalation to superuser in PostgreSQL databases that have aiven-extras installed. Remediation per the sources is to upgrade to version 1.1.16 and, ...

9.1 CVSS | 9.4 AI score | 0.00427 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2025/03/04 12:00 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2014-0067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The make check command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a...

4.6 CVSS | 6.7 AI score | 0.00484 EPSS
Exploits: 1 | References: 2
SUSE CVE
added 2024/11/15 4:06 a.m. | 3 views

SUSE CVE-2024-10978

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...

4.2 CVSS | 9.4 AI score | 0.00705 EPSS
Exploits: 0 | References: 21
OSV
added 2024/11/14 1:15 p.m. | 2 views

ALPINE-CVE-2024-10978

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...

4.2 CVSS | 6.8 AI score | 0.00705 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2024/11/14 12:00 a.m. | 6 views

FreeBSD : PostgreSQL -- SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID (12e3feab-a29f-11ef-af48-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 12e3feab-a29f-11ef-af48-6cc21735f730 advisory. PostgreSQL project reports: Incorrect privilege assignment in PostgreSQL allows a less-privileged...

4.2 CVSS | 6.4 AI score | 0.00705 EPSS
Exploits: 0 | References: 3
SUSE CVE
added 2023/02/15 6:09 a.m. | 3 views

SUSE CVE-2007-6600

PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within inde...

6.5 CVSS | 7.2 AI score | 0.03098 EPSS
Exploits: 0 | References: 5
Exploit DB
added 2018/08/13 12:00 a.m. | 180 views

PostgreSQL 9.4-0.5.3 - Privilege Escalation

Exploit Title: PostgreSQL 9.4-0.5.3 - Privilege Escalation; Date: 2017-10-11; Exploit Author: Johannes Segitz; Vendor Homepage: https://bugzilla.suse.com/showbug.cgi?id=1062722; Software Link: -; Version: Before postgresql-init-9.4-0.5.3.1; Tested on: SUSE Linux Enterprise 11 SP4; CVE : CVE-2017-14798...

7.3 CVSS | 7.3 AI score | 0.00978 EPSS
Exploits: 4
Cvelist
added 2018/03/01 7:00 p.m. | 31 views

CVE-2017-14798 local privilege escalation in SUSE postgresql init script

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root...

7.3 CVSS | 7.2 AI score | 0.00978 EPSS
Exploits: 4 | References: 4
Debian
added 2010/05/25 11:30 a.m. | 30 views

[Backports-security-announce] Security Update for postgresql-8.4

Gerfried Fuchs uploaded new packages for postgresql-8.4 which fixed the following security problems: CVE-2010-1169 PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict...

8.5 CVSS | 4.7 AI score | 0.04081 EPSS
Exploits: 2
Gentoo Linux
added 2005/02/07 12:00 a.m. | 32 views

PostgreSQL: Multiple vulnerabilities

Background: PostgreSQL is a SQL compliant, open source object-relational database management system. Description: PostgreSQL contains several vulnerabilities: John Heasman discovered that the LOAD extension is vulnerable to local privilege escalation (CAN-2005-0227). It is possible to bypass the...

7.5 CVSS | 7.9 AI score | 0.14473 EPSS
Exploits: 1