Lucene search
K

68 matches found

OSV
OSV
added 2020/08/24 1:15 p.m.30 views

CVE-2020-14350

It was found that some PostgreSQL extensions did not use searchpath safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affect...

7.3CVSS5.1AI score
Exploits0References11
OSV
OSV
added 2020/08/24 1:15 p.m.2 views

ALPINE-CVE-2020-14350

It was found that some PostgreSQL extensions did not use searchpath safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affect...

7.3CVSS6.8AI score0.00532EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/24 12:42 p.m.31 views

CVE-2020-14350

It was found that some PostgreSQL extensions did not use searchpath safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affect...

7.3AI score0.00532EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2020/08/17 12:0 a.m.33 views

CVE-2020-14350

It was found that some PostgreSQL extensions did not use searchpath safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affect...

7.3CVSS7.1AI score0.00532EPSS
Exploits0References3
OSV
OSV
added 2020/08/17 12:0 a.m.2 views

UBUNTU-CVE-2020-14350

It was found that some PostgreSQL extensions did not use searchpath safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affect...

7.3CVSS7.1AI score0.00532EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.27 views

Ubuntu Update for postgresql-8.1, postgresql-8.2 vulnerability USN-454-1

Ubuntu Update for Linux kernel vulnerabilities USN-454-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4541.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for postgresql-8.1, postgresql-8.2 vulnerability USN-454-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks...

6CVSS0.3AI score0.03184EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.31 views

Ubuntu 6.06 LTS / 6.10 / 7.04 : postgresql-8.1, postgresql-8.2 vulnerability (USN-454-1)

PostgreSQL did not handle the 'searchpath' configuration option in a secure way for functions declared as 'SECURITY DEFINER'. Previously, an attacker could override functions and operators used by the security definer function to execute arbitrary SQL commands with the privileges of the user who...

6CVSS7.8AI score0.03184EPSS
Exploits0References2
seebug.org
seebug.org
added 2007/04/25 12:0 a.m.41 views

PostgreSQL SECURITY DEFINER函数本地权限提升漏洞

PostgreSQL是一款高级对象-关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL的SECURITY DEFINER函数实现上存在安全漏洞,允许本地通过修改searchpath并使用临时对象获得权限提升。 PostgreSQL PostgreSQL 8.2.4 PostgreSQL PostgreSQL 8.1.9 PostgreSQL PostgreSQL 8.0.13 PostgreSQL PostgreSQL 7.4.17 PostgreSQL PostgreSQL 7.3.19 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.1AI score
Exploits0
Rows per page
Query Builder