Lucene search
K

256 matches found

OSV
OSV
added 2019/07/30 5:15 p.m.2 views

ALPINE-CVE-2019-10130

A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain...

4.3CVSS6.8AI score0.01085EPSS
Exploits0References1
Prion
Prion
added 2019/07/30 5:15 p.m.32 views

Design/Logic Flaw

A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain...

4CVSS6.1AI score0.01085EPSS
Exploits0References4Affected Software2
Debian CVE
Debian CVE
added 2019/07/30 4:13 p.m.30 views

CVE-2019-10130

Removed by vendor...

4.3CVSS6.5AI score0.01085EPSS
Exploits0
OSV
OSV
added 2019/06/10 7:17 p.m.9 views

MGASA-2019-0189 Updated postgresql packages fix security vulnerabilities

Updated postgresql packages fix security vulnerabilities CVE-2019-10129: Memory disclosure in partition routing Prior to this release, a user running PostgreSQL 11 can read arbitrary bytes of server memory by executing a purpose-crafted INSERT statement to a partitioned table. CVE-2019-10130:...

6.5CVSS6.7AI score0.01633EPSS
Exploits0References2
Mageia
Mageia
added 2019/06/10 7:17 p.m.41 views

Updated postgresql packages fix security vulnerabilities

Updated postgresql packages fix security vulnerabilities CVE-2019-10129: Memory disclosure in partition routing Prior to this release, a user running PostgreSQL 11 can read arbitrary bytes of server memory by executing a purpose-crafted INSERT statement to a partitioned table. CVE-2019-10130:...

6.5CVSS1.6AI score0.01633EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.38 views

Ubuntu 16.04 LTS / 18.04 LTS : PostgreSQL vulnerabilities (USN-3972-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3972-1 advisory. It was discovered that PostgreSQL incorrectly handled partition routing. A remote user could possibly use this issue to read arbitrary bytes ...

6.5CVSS6.8AI score0.01633EPSS
Exploits0References3
OSV
OSV
added 2019/05/13 12:3 p.m.3 views

USN-3972-1 postgresql-10, postgresql-11, postgresql-9.5 vulnerabilities

It was discovered that PostgreSQL incorrectly handled partition routing. A remote user could possibly use this issue to read arbitrary bytes of server memory. This issue only affected Ubuntu 19.04. CVE-2019-10129 Dean Rasheed discovered that PostgreSQL incorrectly handled selectivity estimators. ...

6.5CVSS6.8AI score0.01633EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/05/09 12:0 a.m.30 views

CVE-2019-10130

A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain...

4.3CVSS6.7AI score0.01085EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2019/05/09 12:0 a.m.46 views

PostgreSQL -- Selectivity estimators bypass row security policies

The PostgreSQL project reports: PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user able to execute SQL queries with permissions to read a given column could craft a leaky operato...

4.3CVSS1.2AI score0.01085EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/12 12:0 a.m.3 views

PostgreSQL Security Bypass Vulnerability (CNVD-2016-02169)

PostgreSQL is a free object-relational database management system developed by the PostgreSQL development group. The system supports most of the SQL standards and provides many other features, such as foreign keys, triggers, views, and so on. A security bypass vulnerability exists in PostgreSQL...

7.5CVSS9AI score0.01807EPSS
Exploits0References1
OSV
OSV
added 2016/04/11 3:59 p.m.10 views

CVE-2016-2193

PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role...

7.5CVSS5.6AI score0.01807EPSS
Exploits0References4
Prion
Prion
added 2016/04/11 3:59 p.m.22 views

Design/Logic Flaw

PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role...

5CVSS6.9AI score0.01807EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/04/11 3:0 p.m.33 views

CVE-2016-2193

PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role...

7AI score0.01807EPSS
Exploits0References4
CVE
CVE
added 2016/04/11 3:0 p.m.147 views

CVE-2016-2193

CVE-2016-2193 affects PostgreSQL prior to 9.5.2 where row-security status was not correctly maintained in cached plans, potentially allowing a session running queries as multiple roles to bypass intended access restrictions. The provided sources indicate the issue lies in how row-level security i...

7.5CVSS6.9AI score0.01807EPSS
Exploits0References4Affected Software1
Kaspersky
Kaspersky
added 2016/04/11 12:0 a.m.36 views

KLA10790 Multiple vulnerabilities in PostgreSQL

Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information or cause denial of service. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited via ...

9.1CVSS7AI score0.03347EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2016/03/31 12:0 a.m.4 views

PT-2016-1648 · Postgresql · Postgresql

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions prior to 9.5.2 Description: The issue is related to errors in security settings, allowing a remote attacker to bypass existing access restrictions by leveraging a session that performs queries as more than one role. This i...

9.8CVSS6.5AI score0.54312EPSS
Exploits21References58
Rows per page
Query Builder