Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7089 matches found

CVE
CVEadded 2002/07/26 4:0 a.m.52 views

CVE-2001-1379

CVE-2001-1379 affects the PostgreSQL authentication modules used with Apache: mod_auth_pgsql 0.9.5 and mod_auth_pgsql_sys 0.9.4 . The vulnerability is a SQL injection via the user name parameter that allows remote attackers to bypass authentication and execute arbitrary SQL. OpenVAS/Nessus entrie...

7.5CVSS8.2AI score0.01719EPSS
Exploits0References9Affected Software1
CVE
CVEadded 2001/09/12 4:0 a.m.60 views

CVE-2000-1199

CVE-2000-1199 affects PostgreSQL: usernames and passwords are stored in plaintext in (1) pg_shadow and (2) pg_pwd, enabling attackers with sufficient privileges to access databases. This root cause is plaintext credential storage; impact is described as partial confidentiality, partial integrity,...

4.6CVSS6.8AI score0.01129EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2001/08/29 4:0 a.m.9 views

CVE-2001-1379

The PostgreSQL authentication modules 1 modauthpgsql 0.9.5, and 2 modauthpgsqlsys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name...

7.5CVSS8.2AI score0.01719EPSS
Exploits0References9
NVD
NVDadded 2001/03/26 5:0 a.m.6 views

CVE-2001-0201

The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program...

7.5CVSS7.9AI score0.00861EPSS
Exploits1References3
CVE
CVEadded 2001/03/09 5:0 a.m.42 views

CVE-2001-0201

The CVE-2001-0201 entry describes a vulnerability in the Postaci frontend for PostgreSQL where improper filtering of characters (e.g., semicolons) could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program. This yields partial confidentiality, integrity, and a...

7.5CVSS8.3AI score0.00861EPSS
Exploits1References3Affected Software1
exploitpack
exploitpackadded 2000/04/23 12:0 a.m.19 views

PostgreSQL 6.3.26.5.3 - Cleartext Passwords

PostgreSQL 6.3.26.5.3 - Cleartext Passwords source: https://www.securityfocus.com/bid/1139/info PostgreSQL is a free RDBMS that is released under a Berkeley style license. PostgreSQL stores passwords for database users in a binary file called pgshadow. This file is readable by root and the postgr...

Exploits0
CVE
CVEadded 2000/02/04 5:0 a.m.67 views

CVE-1999-0862

The CVE-1999-0862 case relates to insecure directory permissions in the PostgreSQL RPM distribution, enabling local users to gain privileges by reading a plaintext password file. The PT-Security entry notes PostgreSQL (affected versions not specified) and identifies the root cause as insecure RPM...

2.1CVSS7.1AI score0.00087EPSS
Exploits0References1Affected Software1
NVD
NVDadded 1999/12/02 5:0 a.m.15 views

CVE-1999-0862

Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file...

2.1CVSS6.7AI score0.00087EPSS
Exploits0References1
Redos
Redosadded 1976/01/01 12:0 a.m.5 views

ROS-2-1458

2.1458 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

8.8CVSS8.5AI score0.00641EPSS
Exploits0
Rows per page
Query Builder