Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql postgresql 15 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2625
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim...
Postgresql Postgresql
Postgresql Postgresql 15
Fedoraproject Fedora 36
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
6.5
CVSSv2
CVE-2002-1401
Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and previous versions allow malicious users to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer o...
Postgresql Postgresql 7.2.3
Postgresql Postgresql 7.1.3
Postgresql Postgresql 7.2.1
Postgresql Postgresql 6.5.3
Postgresql Postgresql 7.0.3
Postgresql Postgresql 7.1
Postgresql Postgresql 7.1.1
Postgresql Postgresql 7.1.2
Postgresql Postgresql 6.3.2
Postgresql Postgresql 7.2
Postgresql Postgresql 7.2.2
4.6
CVSSv2
CVE-2002-1398
Buffer overflow in the date parser for PostgreSQL prior to 7.2.2 allows malicious users to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input."
Postgresql Postgresql 6.5.3
Postgresql Postgresql 7.0.3
Postgresql Postgresql 6.3.2
Postgresql Postgresql 7.2
Postgresql Postgresql 7.2.1
Postgresql Postgresql 7.1.2
Postgresql Postgresql 7.1.3
Postgresql Postgresql 7.1
Postgresql Postgresql 7.1.1
7.5
CVSSv2
CVE-2002-1400
Heap-based buffer overflow in the repeat() function for PostgreSQL prior to 7.2.2 allows malicious users to execute arbitrary code by causing repeat() to generate a large string.
Postgresql Postgresql 7.1.3
Postgresql Postgresql 7.2
Postgresql Postgresql 7.1.1
Postgresql Postgresql 7.1.2
Postgresql Postgresql 7.0.3
Postgresql Postgresql 7.1
Postgresql Postgresql 6.3.2
Postgresql Postgresql 6.5.3
Postgresql Postgresql 7.2.1
4.6
CVSSv2
CVE-2002-1402
Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and previous versions allow local users to cause a denial of service and possibly execute arbitrary code.
Postgresql Postgresql 7.1.3
Postgresql Postgresql 7.2.1
Postgresql Postgresql 7.1.1
Postgresql Postgresql 7.1.2
Postgresql Postgresql 7.0.3
Postgresql Postgresql 7.1
Postgresql Postgresql 6.3.2
Postgresql Postgresql 6.5.3
4.6
CVSSv2
CVE-2002-0972
Buffer overflows in PostgreSQL 7.2 allow malicious users to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.
Postgresql Postgresql 7.1.1
Postgresql Postgresql 7.1.2
Postgresql Postgresql 7.2
Postgresql Postgresql 7.2.1
Postgresql Postgresql 6.3.2
Postgresql Postgresql 6.5.3
Postgresql Postgresql 7.1
7.2
CVSSv2
CVE-2016-1255
The pg_ctlcluster script in postgresql-common package in Debian wheezy prior to 134wheezy5, in Debian jessie prior to 165+deb8u2, in Debian unstable prior to 178, in Ubuntu 12.04 LTS prior to 129ubuntu1.2, in Ubuntu 14.04 LTS prior to 154ubuntu1.1, in Ubuntu 16.04 LTS prior to 17...
Debian Postgresql-common 11
Debian Postgresql-common 12
Debian Postgresql-common 13
Debian Postgresql-common 14
Debian Postgresql-common 28
Debian Postgresql-common 29
Debian Postgresql-common 30
Debian Postgresql-common 31
Debian Postgresql-common 44
Debian Postgresql-common 7
Debian Postgresql-common 9
Debian Postgresql-common 16
Debian Postgresql-common 18
Debian Postgresql-common 23
Debian Postgresql-common 45
Debian Postgresql-common 46
Debian Postgresql-common 47
Debian Postgresql-common 61
Debian Postgresql-common 62
Debian Postgresql-common 63
Debian Postgresql-common 64
Debian Postgresql-common 78
NA
CVE-2023-39418
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 12.0
NA
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-5868
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type de...
Postgresql Postgresql 16.0
Postgresql Postgresql
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Arm 64 8.0
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
Redhat Codeready Linux Builder For Arm64 Eus 9.2 Aarch64
Redhat Codeready Linux Builder For Ibm Z Systems Eus 9.2 S390x
Redhat Codeready Linux Builder Eus For Power Little Endian Eus 9.2 Ppc64le
Redhat Codeready Linux Builder Eus 9.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »