Vulmon
postgresql postgresql vulnerabilities and exploits
756
VMScore
CVE-2007-0555
PostgreSQL 7.3 prior to 7.3.13, 7.4 prior to 7.4.16, 8.0 prior to 8.0.11, 8.1 prior to 8.1.7, and 8.2 prior to 8.2.2 allows malicious users to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service...
Postgresql Postgresql
755
VMScore
CVE-2012-2386
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP prior to 5.3.14 and 5.4.x prior to 5.4.4 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that trigger...
Php Php
1 EDB exploit
755
VMScore
CVE-2005-0245
Buffer overflow in gram.y for PostgreSQL 8.0.0 and previous versions may allow malicious users to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.
Postgresql Postgresql 8.0
Postgresql Postgresql
1 EDB exploit
730
VMScore
CVE-2013-1899
Argument injection vulnerability in PostgreSQL 9.2.x prior to 9.2.4, 9.1.x prior to 9.1.9, and 9.0.x prior to 9.0.13 allows remote malicious users to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute ar...
Postgresql Postgresql 9.2.1
Postgresql Postgresql 9.2.3
Postgresql Postgresql 9.2
Postgresql Postgresql 9.2.2
Postgresql Postgresql 9.1.4
Postgresql Postgresql 9.1
Postgresql Postgresql 9.1.5
Postgresql Postgresql 9.1.8
Postgresql Postgresql 9.1.2
Postgresql Postgresql 9.1.6
Postgresql Postgresql 9.1.7
Postgresql Postgresql 9.1.3
Postgresql Postgresql 9.1.1
Postgresql Postgresql 9.0.11
Postgresql Postgresql 9.0.7
Postgresql Postgresql 9.0.6
Postgresql Postgresql 9.0.10
Postgresql Postgresql 9.0.4
Postgresql Postgresql 9.0.9
Postgresql Postgresql 9.0.1
Postgresql Postgresql 9.0.3
Postgresql Postgresql 9.0
2 Metasploit modules
1 Article
695
VMScore
CVE-2017-14798
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
Postgresql Postgresql
Suse Suse Linux Enterprise Server 11
1 EDB exploit
685
VMScore
CVE-2009-0543
ProFTPD Server 1.3.1, with NLS support enabled, allows remote malicious users to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
Proftpd Proftpd 1.3.1
1 EDB exploit
1 Github repository
676
VMScore
CVE-2020-25696
A flaw was found in the psql interactive terminal of PostgreSQL in versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20 and prior to 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute ar...
Postgresql Postgresql
Debian Debian Linux 9.0
670
VMScore
CVE-2022-21724
pgjdbc is the official PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when an attacker controls the jdbc url or properties. pgjdbc instantiates plugin ...
Postgresql Postgresql Jdbc Driver
Postgresql Postgresql Jdbc Driver 42.3.2
Fedoraproject Fedora 35
Quarkus Quarkus
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8 Github repositories
670
VMScore
CVE-2020-7471
Django 1.11 prior to 1.11.28, 2.2 prior to 2.2.10, and 3.0 prior to 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a s...
Djangoproject Django
11 Github repositories
668
VMScore
CVE-2022-26520
In pgjdbc prior to 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JS...
Postgresql Postgresql Jdbc Driver
Debian Debian Linux 10.0
Debian Debian Linux 11.0