Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql postgresql 10.0 vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-1052
Memory disclosure vulnerability in table partitioning was found in postgresql 10.x prior to 10.2, allowing an authenticated malicious user to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table.
Postgresql Postgresql 10.1
Postgresql Postgresql 10.0
NA
CVE-2022-41946
pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k. This will crea...
Postgresql Postgresql Jdbc Driver 42.5.0
Postgresql Postgresql Jdbc Driver
Debian Debian Linux 10.0
2 Github repositories
NA
CVE-2022-31197
PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of column names so a malicious c...
Postgresql Postgresql Jdbc Driver
Postgresql Postgresql Jdbc Driver 42.4.0
Postgresql Postgresql Jdbc Driver 42.4.1
Debian Debian Linux 10.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
670
VMScore
CVE-2022-21724
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin ...
Postgresql Postgresql Jdbc Driver
Postgresql Postgresql Jdbc Driver 42.3.2
Fedoraproject Fedora 35
Quarkus Quarkus
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8 Github repositories
668
VMScore
CVE-2022-26520
In pgjdbc prior to 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JS...
Postgresql Postgresql Jdbc Driver
Debian Debian Linux 10.0
Debian Debian Linux 11.0
605
VMScore
CVE-2020-13692
PostgreSQL JDBC Driver (aka PgJDBC) prior to 42.2.13 allows XXE.
Postgresql Postgresql Jdbc Driver
Quarkus Quarkus
Netapp Steelstore Cloud Integrated Storage -
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
641
VMScore
CVE-2019-3466
The pg_ctlcluster script in postgresql-common in versions before 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
Postgresql Postgresql-common
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 9.0
Debian Debian Linux 10.0
187
VMScore
CVE-2004-0977
The make_oidjoins_check script in PostgreSQL 7.4.5 and previous versions allows local users to overwrite files via a symlink attack on temporary files.
Postgresql Postgresql
Trustix Secure Linux 2.0
Mandrakesoft Mandrake Linux Corporate Server 2.1
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux 3.0
Mandrakesoft Mandrake Linux 9.2
Mandrakesoft Mandrake Linux 10.1
Mandrakesoft Mandrake Linux 10.0
Trustix Secure Linux 2.1
607
VMScore
CVE-2009-3231
The core server component in PostgreSQL 8.3 prior to 8.3.8 and 8.2 prior to 8.2.14, when using LDAP authentication with anonymous binds, allows remote malicious users to bypass authentication via an empty password.
Postgresql Postgresql
Suse Linux Enterprise Server 9
Suse Linux Enterprise 11.0
Opensuse Opensuse
Suse Linux Enterprise 10.0
Fedoraproject Fedora 11
Fedoraproject Fedora 10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
385
VMScore
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started