Lucene search
K

212 matches found

Chainguard
Chainguard
added 2025/02/25 1:11 p.m.9 views

GHSA-37XW-RPJG-XXFX vulnerabilities

Vulnerabilities for packages: postgresql...

7.3AI score
Exploits0
Chainguard
Chainguard
added 2025/02/25 1:11 p.m.5 views

GHSA-MHW9-X46C-V6Q4 vulnerabilities

Vulnerabilities for packages: postgresql...

5.4AI score
Exploits0
Chainguard
Chainguard
added 2025/02/25 1:11 p.m.3 views

GHSA-37V9-JH5M-F5PG vulnerabilities

Vulnerabilities for packages: postgresql...

5.4AI score
Exploits0
Chainguard
Chainguard
added 2025/02/25 1:11 p.m.2 views

GHSA-2R9H-X757-8J9Q vulnerabilities

Vulnerabilities for packages: postgresql...

5.4AI score
Exploits0
CVE
CVE
added 2025/02/13 1:0 p.m.772 views

CVE-2025-1094

CVE-2025-1094 affects PostgreSQL libpq and related command-line utilities. The issue is improper neutralization of quoting syntax in the libpq APIs PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn(), which can allow SQL injection when the application uses the func...

8.1CVSS8AI score0.89472EPSS
In wildExploits10References6
F5 Networks
F5 Networks
added 2025/02/07 5:59 a.m.9 views

K000149702: PostgreSQL vulnerabilities CVE-2024-10977 and CVE-2024-10979

Security Advisory Description CVE-2024-10977 Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a...

8.8CVSS7AI score0.04422EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.11 views

Amazon Linux AMI : postgresql92 (ALAS-2025-1959)

The version of postgresql92 installed on the remote host is prior to 9.2.24-3.70. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1959 advisory. While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary...

8.8CVSS8AI score0.04322EPSS
Exploits0References6
Rosalinux
Rosalinux
added 2025/01/28 7:43 p.m.12 views

Advisory ROSA-SA-2025-2666

software: postgresql 15.4 WASP: ROSA-CHROME packageevrstring: postgresql-15.4 CVE-ID: CVE-2023-5868 BDU-ID: 2023-07905 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to the lack of service data protection in function calls with aggregation...

8.8CVSS6.8AI score0.04322EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/01/28 7:41 p.m.28 views

Advisory ROSA-SA-2025-2665

software: postgresql 12.16 WASP: ROSA-CHROME packageevrstring: postgresql-12.16 CVE-ID: CVE-2023-5868 BDU-ID: 2023-07905 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to the lack of service data protection in function calls with aggregation...

7.1CVSS6.6AI score0.02775EPSS
Exploits1
F5 Networks
F5 Networks
added 2025/01/16 11:8 p.m.29 views

K000149329: PostgreSQL vulnerabilities CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, and CVE-2014-0063

Security Advisory Description CVE-2014-0060 PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users t...

6.5CVSS8.3AI score0.06666EPSS
Exploits4
F5 Networks
F5 Networks
added 2025/01/04 1:4 a.m.21 views

K000149183: PostgreSQL vulnerabilities CVE-2014-0064, CVE-2014-0065, CVE-2014-0066, and CVE-2014-0067

Security Advisory Description CVE-2014-0064 Multiple integer overflows in the pathin and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and...

6.5CVSS7.6AI score0.05353EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2024/12/23 12:0 a.m.17 views

Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-014)

The version of postgresql installed on the remote host is prior to 14.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2024-014 advisory. Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change...

8.8CVSS7.3AI score0.04422EPSS
Exploits1References10
F5 Networks
F5 Networks
added 2024/12/19 11:32 p.m.36 views

K000149068: Multiple PostGreSQL vulnerabilities

Security Advisory Description CVE-2017-7485 In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle...

9.8CVSS7.4AI score0.61566EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/12/19 11:19 p.m.27 views

K000149073: PostgreSQL vulnerabilities CVE-2021-3393, CVE-2015-5289, and CVE-2017-8806

Security Advisory Description CVE-2021-3393 An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose...

6.4CVSS6.6AI score0.05045EPSS
Exploits2
F5 Networks
F5 Networks
added 2024/12/19 11:3 p.m.31 views

K000149072: PostgreSQL vulnerabilities CVE-2015-5288, CVE-2015-3165, CVE-2014-8161, and CVE-2014-2669

Security Advisory Description CVE-2015-5288 The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service server crash or read arbitrary server memory via a...

6.5CVSS7.3AI score0.08565EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.13 views

RockyLinux 8 : postgresql:12 (RLSA-2024:10785)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10785 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS7.6AI score0.04422EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.12 views

RockyLinux 8 : postgresql:16 (RLSA-2024:10831)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10831 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS7.6AI score0.04422EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.12 views

RockyLinux 9 : postgresql:16 (RLSA-2024:10788)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10788 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS7.6AI score0.04422EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.7 views

RockyLinux 8 : postgresql:15 (RLSA-2024:10830)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10830 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS7.6AI score0.04422EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.9 views

RockyLinux 9 : postgresql:15 (RLSA-2024:10787)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10787 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

8.8CVSS7.6AI score0.04422EPSS
Exploits1References7
Rows per page
Query Builder