
110 matches found

OSV
added 2024/08/08 1:15 p.m. | 17 views

CVE-2024-7348

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...

CVSS 7.5 | AI score 8.1 | EPSS 0.00743
Exploits: 0 | References: 3

Debian CVE
added 2024/08/08 1:0 p.m. | 14 views

CVE-2024-7348

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...

CVSS 8.8 | AI score 8.4 | EPSS 0.00743
Exploits: 0

AlpineLinux
added 2024/08/08 1:0 p.m. | 22 views

CVE-2024-7348

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...

CVSS 8.8 | AI score 8.2 | EPSS 0.00743
Exploits: 0

CVE
added 2024/08/08 1:0 p.m. | 360 views

CVE-2024-7348

TOCTOU race in pg_dump (CVE-2024-7348) allows the object creator to run arbitrary SQL functions as the pg_dump user (often a superuser) by replacing a relation type with a view or foreign table. The attack requires waiting for pg_dump to start; success is facilitated if an open transaction is hel...

CVSS 8.8 | AI score 9 | EPSS 0.00743
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2024/05/14 12:0 a.m. | 21 views

Rocky Linux 9 : postgresql (RLSA-2024:0951)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0951 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer...

CVSS 8 | AI score 7.9 | EPSS 0.00753
Exploits: 0 | References: 3

Tenable Nessus
added 2024/03/19 12:0 a.m. | 25 views

RHEL 8 : postgresql (RHSA-2024:1429)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1429 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8 | AI score 7.8 | EPSS 0.00753
Exploits: 0 | References: 4

Tenable Nessus
added 2024/03/19 12:0 a.m. | 16 views

RHEL 8 : postgresql (RHSA-2024:1428)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1428 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8 | AI score 7.8 | EPSS 0.00753
Exploits: 0 | References: 4

Tenable Nessus
added 2024/03/18 12:0 a.m. | 24 views

RHEL 8 : postgresql:10 (RHSA-2024:1348)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1348 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8 | AI score 7.8 | EPSS 0.00753
Exploits: 0 | References: 4

Tenable Nessus
added 2024/03/13 12:0 a.m. | 24 views

RHEL 8 : postgresql:13 (RHSA-2024:1315)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1315 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW...

CVSS 8 | AI score 7.8 | EPSS 0.00753
Exploits: 0 | References: 4

Ubuntu
added 2024/03/12 10:38 a.m. | 35 views

USN-6656-2: PostgreSQL vulnerability

USN-6656-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user...

CVSS 8 | AI score 7.8 | EPSS 0.00753
Exploits: 0

Tenable Nessus
added 2024/03/12 12:0 a.m. | 21 views

Ubuntu 16.04 LTS : PostgreSQL vulnerability (USN-6656-2)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6656-2 advisory. USN-6656-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 16.04 LTS. Tenable has extracted the preceding...

CVSS 8 | AI score 7.4 | EPSS 0.00753
Exploits: 0 | References: 2

Tenable Nessus
added 2024/03/12 12:0 a.m. | 14 views

Rocky Linux 8 : postgresql:13 (RLSA-2024:0975)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0975 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer...

CVSS 8 | AI score 7.9 | EPSS 0.00753
Exploits: 0 | References: 3

Tenable Nessus
added 2024/03/12 12:0 a.m. | 38 views

Rocky Linux 8 : postgresql:15 (RLSA-2024:0973)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0973 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer...

CVSS 8 | AI score 7.9 | EPSS 0.00753
Exploits: 0 | References: 3

OSV
added 2024/03/06 11:4 a.m. | 42 views

BIT-POSTGRESQL-2022-1552

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or no...

CVSS 8.8 | AI score 8.4 | EPSS 0.02263
Exploits: 0 | References: 7

Tenable Nessus
added 2024/03/06 12:0 a.m. | 29 views

Amazon Linux 2 : postgresql (ALASPOSTGRESQL12-2024-008)

The version of postgresql installed on the remote host is prior to 12.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-008 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute...

CVSS 8 | AI score 7.9 | EPSS 0.00753
Exploits: 0 | References: 4

Tenable Nessus
added 2024/03/06 12:0 a.m. | 20 views

Amazon Linux 2 : postgresql (ALASPOSTGRESQL14-2024-006)

The version of postgresql installed on the remote host is prior to 14.11-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2024-006 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute...

CVSS 8 | AI score 7.9 | EPSS 0.00753
Exploits: 0 | References: 4

Tenable Nessus
added 2024/03/06 12:0 a.m. | 11 views

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2024-547)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-547 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as...

CVSS 8 | AI score 7.8 | EPSS 0.00753
Exploits: 0 | References: 4

Tenable Nessus
added 2024/03/06 12:0 a.m. | 18 views

Amazon Linux 2 : libpq (ALASPOSTGRESQL12-2024-009)

The version of libpq installed on the remote host is prior to 12.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL12-2024-009 advisory. Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary...

CVSS 8 | AI score 7.9 | EPSS 0.00753
Exploits: 0 | References: 4

Tenable Nessus
added 2024/02/29 12:0 a.m. | 93 views

CentOS 9 : postgresql-13.7-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the postgresql-13.7-1.el9 build changelog. - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's...

CVSS 8.8 | AI score 7.7 | EPSS 0.02263
Exploits: 0 | References: 2

Tenable Nessus
added 2024/02/28 12:0 a.m. | 27 views

AlmaLinux 9 : postgresql (ALSA-2024:0951)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0951 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. Th...

CVSS 8 | AI score 7.9 | EPSS 0.00753
Exploits: 0 | References: 2