
266 matches found

seebug.org
added 2012/02/29 12:0 a.m., 615 views

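PostgreSQL 8.x/9.x multiple security vulnerabilities

CVE-2012-0866 CVE-2012-0867 CVE-2012-0868 PostgreSQL is an object-relational database management system that supports an extended subset of the SQL standard. PostgreSQL contains multiple security vulnerabilities that allow malicious users to bypass certain security restrictions, conduct spoofing attacks, or manipulate certain data. - Permissions for CREATE TRIGGER are not properly checked on the trigger function; this flaw can be used to mark a trigger function as SECURITY DEFINER and grant EXECUTE permission - When verifying the common name of an SSL certificate, the name is incorrectly truncated to 32 characters, which can lead to incorrect validation of forged certificates...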

CVSS 6.8, AI score 7, EPSS 0.03625
Exploits: 1

Debian
added 2010/10/10 12:48 p.m., 38 views

BSA-005 Security Update for postgresql-8.4

Gerfried Fuchs uploaded new packages for postgresql-8.4 which fixed the following security problem: CVE-2010-3433 The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before...

CVSS 8.5, AI score 2, EPSS 0.04081
Exploits: 3

Debian
added 2010/05/25 11:30 a.m., 30 views

[Backports-security-announce] Security Update for postgresql-8.4

Gerfried Fuchs uploaded new packages for postgresql-8.4 which fixed the following security problems: CVE-2010-1169 PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict...

CVSS 8.5, AI score 4.7, EPSS 0.04081
Exploits: 2

OpenVAS
added 2009/10/13 12:0 a.m., 24 views

SLES10: Security update for PostgreSQL

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-libs postgresql-pl postgresql-server More details may also be found by searching fo...

CVSS 6.8, AI score 0.3, EPSS 0.07568
Exploits: 0

OpenVAS
added 2009/10/10 12:0 a.m., 22 views

SLES9: Security update for PostgreSQL

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: postgresql-libs postgresql-pl postgresql-devel postgresql-docs postgresql postgresql-server postgresql-contrib For more information, please visit the...

CVSS 7.5, AI score 6.4, EPSS 0.14473
Exploits: 1, References: 1

Debian
added 2008/01/13 3:45 p.m., 31 views

[SECURITY] [DSA 1460-1] New postgresql-8.1 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1460-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 13, 2008 http://www.debian.org/security/faq -...

CVSS 7.2, AI score 10, EPSS 0.03855
Exploits: 3

Tenable Nessus
added 2007/04/30 12:0 a.m., 22 views

Mandrake Linux Security Advisory : postgresql (MDKSA-2007:094)

A weakness in previous versions of PostgreSQL was found in the security definer functions in which an authenticated but otherwise unprivileged SQL user could use temporary objects to execute arbitrary code with the privileges of the security-definer function. IMPORTANT NOTICE FOR CORPORATE...

CVSS 6, AI score 7.3, EPSS 0.03184
Exploits: 0, References: 1

Tenable Nessus
added 2007/01/17 12:0 a.m., 29 views

Fedora Core 5 : postgresql-8.1.4-1.FC5.1 (2006-578)

Mon May 22 2006 Tom Lane 8.1.4-1.FC5.1 - Update to PostgreSQL 8.1.4 includes fixes for CVE-2006-2313, CVE-2006-2314; see bug 192173 - Update to PyGreSQL 3.8 - Update to jdbc driver build 406 - Suppress noise from chcon, per bug 187744 Note that Tenable Network Security has extracted the preceding...

CVSS 7.5, AI score 5.3, EPSS 0.02792
Exploits: 0, References: 1

NVD
added 2005/05/02 4:0 a.m., 16 views

CVE-2005-0244

PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command...

CVSS 6.5, AI score 6.1, EPSS 0.01968
Exploits: 0, References: 9

Exploit DB
added 2005/04/19 12:0 a.m., 36 views

PostgreSQL 8.01 - Remote Reboot (Denial of Service)

/ PostgreSQL Remote Reboot include include include include include define DEFAULTPORT "5321" define DEFAULTDB "postgresql" define FUNCNAME "uKttest" define TABLENAME "unl0cktable" char str4000; char create="CREATE OR REPLACE FUNCTION %s RETURNS integer AS $$\n"; char declare = "DECLARE\n"; char c...

AI score 7.4
Exploits: 0

RedHat Linux
added 2005/02/16 4:25 p.m., 25 views

Important: Red Hat Security Advisory: postgresql security update

Updated PostgreSQL packages to fix various security flaws are now available for Red Hat Enterprise Linux 2.1AS. This update has been rated as having important security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system DBMS. A flaw...

CVSS 7.5, AI score 6.1, EPSS 0.14473
Exploits: 1, References: 3

Tenable Nessus
added 2005/02/16 12:0 a.m., 35 views

RHEL 2.1 : postgresql (RHSA-2005:150)

Updated PostgreSQL packages to fix various security flaws are now available for Red Hat Enterprise Linux 2.1AS. This update has been rated as having important security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system DBMS. A flaw...

CVSS 7.5, AI score 5.9, EPSS 0.14473
Exploits: 1, References: 7

RedHat Linux
added 2005/02/15 10:2 a.m., 32 views

Important: Red Hat Security Advisory: postgresql security update

Updated postgresql packages that correct various security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. A flaw in the LOAD command in PostgreSQL was discovered. A local user could use...

CVSS 7.5, AI score 6.1, EPSS 0.14473
Exploits: 1, References: 2

Tenable Nessus
added 2005/02/14 12:0 a.m., 31 views

RHEL 3 : rh-postgresql (RHSA-2005:141)

Updated PostgreSQL packages to fix various security flaws are now available for Red Hat Enterprise Linux 3. PostgreSQL is an advanced Object-Relational database management system DBMS. A flaw in the LOAD command in PostgreSQL was discovered. A local user could use this flaw to load arbitrary shar...

CVSS 7.5, AI score 6.1, EPSS 0.14473
Exploits: 1, References: 11

Cvelist
added 2005/02/08 5:0 a.m., 26 views

CVE-2005-0246

The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service crash via crafted arrays...

AI score 6.1, EPSS 0.0261
Exploits: 0, References: 9

Cvelist
added 2005/02/06 5:0 a.m., 26 views

CVE-2005-0227

PostgreSQL pgsql 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension...

AI score 6.4, EPSS 0.00499
Exploits: 0, References: 13

Debian
added 2005/02/04 5:3 p.m., 9 views

[SECURITY] [DSA 667-1] New PostgreSQL packages fix arbitrary library loading

-------------------------------------------------------------------------- Debian Security Advisory DSA 667-1 [email protected] http://www.debian.org/security/ Martin Schulze February 4th, 2005 http://www.debian.org/security/faq -...

AI score 6.9
Exploits: 0

RedHat Linux
added 2004/12/20 5:54 p.m., 20 views

Low: Red Hat Security Advisory: rh-postgresql security update

Updated rh-postgresql packages that fix various bugs are now available. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects, and user-defined types and functions. Trustix has identified improper...

CVSS 2.1, AI score 5.9, EPSS 0.00452
Exploits: 0, References: 6

Cvelist
added 2003/10/30 5:0 a.m., 27 views

CVE-2003-0901

Buffer overflow in toascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code...

AI score 7.5, EPSS 0.04637
Exploits: 0, References: 7

securityvulns
added 2003/10/01 12:0 a.m., 25 views

teapop SQL injection

SQL injection is possible during authentication if postgresql or mysql is used...

AI score 1.9
Exploits: 0, References: 1, Affected Software: 1