Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql postgresql vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-10211
Postgresql Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.
Postgresql Postgresql
9.8
CVSSv3
CVE-2015-0270
Zend Framework prior to 2.2.10 and 2.3.x prior to 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter.
Zend Framework
9.8
CVSSv3
CVE-2018-16203
PgpoolAdmin 4.0 and previous versions allows remote malicious users to bypass the login authentication and obtain the administrative privilege of the PostgreSQL database via unspecified vectors.
Pgpool Pgpooladmin
9.8
CVSSv3
CVE-2018-5384
Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection. If successfully exploited the user can get info from the underlying postgresql database that could lead into to total compromise of the product. The said scri...
Navarino Infinity
9.1
CVSSv3
CVE-2023-31131
Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions before 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can u...
Vmware Greenplum Database
9.1
CVSSv3
CVE-2021-3850
Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb before 5.20.21.
Adodb Project Adodb
Debian Debian Linux 9.0
9.1
CVSSv3
CVE-2016-8640
A SQL injection vulnerability in pycsw all versions prior to 2.0.2, 1.10.5 and 1.8.6 that leads to read and extract of any data from any table in the pycsw database that the database user has access to. Also on PostgreSQL (at least) it is possible to perform updates/inserts/delet...
Pycsw Pycsw
9.1
CVSSv3
CVE-2017-11693
MEDHOST Document Management System contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and ...
Medhost Medhost Document Management System -
9.1
CVSSv3
CVE-2016-3065
The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL prior to 9.5.x prior to 9.5.2 allows malicious users to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of serv...
Postgresql Postgresql 9.5.1
Postgresql Postgresql 9.5
8.8
CVSSv3
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overfl...
Postgresql Postgresql 16.0
Postgresql Postgresql
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Arm 64 8.0
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »