
13301 matches found

PostgreSQL
added 2024/11/14 12:0 a.m. · 103 views

Vulnerability in core server (CVE-2024-10979)

PostgreSQL PL/Perl environment variable changes execute arbitrary code. Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if...

8.8 CVSS · 7.6 AI score · 0.04422 EPSS
Exploits 1 · References 1 · Affected Software 1
PostgreSQL
added 2024/11/14 12:0 a.m. · 83 views

Vulnerability in core server (CVE-2024-10978)

PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID. Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an...

4.2 CVSS · 6.7 AI score · 0.00705 EPSS
Exploits 0 · References 1 · Affected Software 1
PostgreSQL
added 2024/11/14 12:0 a.m. · 60 views

Vulnerability in core server (CVE-2024-10976)

PostgreSQL row security below e.g. subqueries disregards user ID changes. Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user I...

5.4 CVSS · 5.6 AI score · 0.00786 EPSS
Exploits 0 · References 1 · Affected Software 1
PostgreSQL
added 2024/11/14 12:0 a.m. · 82 views

Vulnerability in client (CVE-2024-10977)

PostgreSQL libpq retains an error message from man-in-the-middle. Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long...

3.7 CVSS · 6.8 AI score · 0.0038 EPSS
Exploits 0 · References 1 · Affected Software 1
Veeam
added 2024/11/14 12:0 a.m. · 12 views

How to Migrate the Configuration and Repository Cache Databases

Article Applicability: This article is intended for use in environments where Veeam Backup for Microsoft 365 8 is already installed. The information provided in this article outlines the process for migrating the Configuration and Cache Databases from one PostgreSQL instance to another, including...

7.4 AI score
Exploits 0 · Affected Software 1
CNNVD
added 2024/11/14 12:0 a.m. · 1 views

PostgreSQL security vulnerability

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL that stems from incorre...

8.8 CVSS · 8.3 AI score · 0.04422 EPSS
Exploits 1 · References 2
CNNVD
added 2024/11/14 12:0 a.m. · 1 views

PostgreSQL security vulnerability

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL that stems from...

3.7 CVSS · 6.7 AI score · 0.0038 EPSS
Exploits 0 · References 2
CNNVD
added 2024/11/14 12:0 a.m. · 3 views

PostgreSQL security vulnerability

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL that stems from...

5.4 CVSS · 6.7 AI score · 0.00786 EPSS
Exploits 0 · References 3
Kaspersky
added 2024/11/14 12:0 a.m. · 12 views

KLA77143 Multiple vulnerabilities in PostgreSQL

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability can be exploited remotely to gain...

8.8 CVSS · 8.6 AI score · 0.04422 EPSS
Exploits 1 · References 6
Positive Technologies
added 2024/11/14 12:0 a.m. · 6 views

PT-2024-8140 · Postgresql +10

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions prior to 17.1, PostgreSQL versions prior to 16.5, PostgreSQL versions prior to 15.9, PostgreSQL versions prior to 14.14, PostgreSQL versions prior to 13.17, PostgreSQL versions prior to 12.21. Description: The issue arises from...

8.8 CVSS · 6.8 AI score · 0.89472 EPSS
Exploits 11 · References 226
Positive Technologies
added 2024/11/14 12:0 a.m. · 6 views

PT-2024-8138

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions prior to 17.1, PostgreSQL versions prior to 16.5, PostgreSQL versions prior to 15.9, PostgreSQL versions prior to 14.14, PostgreSQL versions prior to 13.17, PostgreSQL versions prior to 12.21. Description: The issue is related t...

9 CVSS · 8.4 AI score · 0.89472 EPSS
Exploits 12 · References 235
Tenable Nessus
added 2024/11/14 12:0 a.m. · 6 views

FreeBSD : PostgreSQL -- SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID (12e3feab-a29f-11ef-af48-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 12e3feab-a29f-11ef-af48-6cc21735f730 advisory. PostgreSQL project reports: Incorrect privilege assignment in PostgreSQL allows a less-privileged...

4.2 CVSS · 6.4 AI score · 0.00705 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2024/11/14 12:0 a.m. · 4 views

FreeBSD : PostgreSQL -- PL/Perl environment variable changes execute arbitrary code (a03636f4-a29f-11ef-af48-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a03636f4-a29f-11ef-af48-6cc21735f730 advisory. PostgreSQL project reports: Incorrect control of environment variables in PostgreSQL PL/Perl allows an...

8.8 CVSS · 8.3 AI score · 0.04422 EPSS
Exploits 1 · References 3
Tenable Nessus
added 2024/11/14 12:0 a.m. · 16 views

FreeBSD : PostgreSQL -- PostgreSQL row security below e.g. subqueries disregards user ID changes (3831292b-a29d-11ef-af48-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3831292b-a29d-11ef-af48-6cc21735f730 advisory. PostgreSQL project reports: Incomplete tracking in PostgreSQL of tables with row security allows a reus...

7.5 CVSS · 6.5 AI score · 0.01807 EPSS
Exploits 0 · References 3
FreeBSD
added 2024/11/14 12:0 a.m. · 26 views

PostgreSQL -- SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID

PostgreSQL project reports: Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when...

4.2 CVSS · 6.9 AI score · 0.00705 EPSS
Exploits 0 · References 1
FreeBSD
added 2024/11/14 12:0 a.m. · 18 views

PostgreSQL -- PostgreSQL row security below e.g. subqueries disregards user ID changes

PostgreSQL project reports: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery...

5.4 CVSS · 7.1 AI score · 0.00786 EPSS
Exploits 0 · References 1
FreeBSD
added 2024/11/14 12:0 a.m. · 11 views

PostgreSQL -- PL/Perl environment variable changes execute arbitrary code

PostgreSQL project reports: Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if the attacker lacks a database server...

8.8 CVSS · 7.3 AI score · 0.04422 EPSS
Exploits 1 · References 1
FreeBSD
added 2024/11/14 12:0 a.m. · 13 views

PostgreSQL -- libpq retains an error message from man-in-the-middle

PostgreSQL project reports: Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or...

3.7 CVSS · 7 AI score · 0.0038 EPSS
Exploits 0 · References 1
Tenable Nessus
added 2024/11/14 12:0 a.m. · 8 views

FreeBSD : PostgreSQL -- libpq retains an error message from man-in-the-middle (a61ef21b-a29e-11ef-af48-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a61ef21b-a29e-11ef-af48-6cc21735f730 advisory. PostgreSQL project reports: Client use of server error message in PostgreSQL allows a server not truste...

3.7 CVSS · 6.7 AI score · 0.0038 EPSS
Exploits 0 · References 3
OSV
added 2024/11/12 7:15 p.m. · 3 views

CVE-2024-49042

Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability...

7.2 CVSS · 7.3 AI score · 0.01175 EPSS
Exploits 0 · References 1