Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql postgresql 8.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-39418
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 12.0
4.3
CVSSv3
CVE-2021-3393
An information leak exists in postgresql in versions prior to 13.2, prior to 12.6 and prior to 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in er...
Postgresql Postgresql
Redhat Software Collections -
Redhat Enterprise Linux 8.0
4.3
CVSSv3
CVE-2021-20229
A flaw was found in PostgreSQL in versions prior to 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.
Postgresql Postgresql
Redhat Software Collections -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
4.3
CVSSv3
CVE-2014-8161
PostgreSQL prior to 9.0.19, 9.1.x prior to 9.1.15, 9.2.x prior to 9.2.10, 9.3.x prior to 9.3.6, and 9.4.x prior to 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
Postgresql Postgresql
Debian Debian Linux 7.0
Debian Debian Linux 8.0
3.7
CVSSv3
CVE-2022-41862
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
Postgresql Postgresql
Fedoraproject Fedora 8
Redhat Enterprise Linux 8.0
Redhat Integration Service Registry -
Redhat Integration Camel K -
Redhat Integration Camel Quarkus -
NA
CVE-2015-3165
Double free vulnerability in PostgreSQL prior to 9.0.20, 9.1.x prior to 9.1.16, 9.2.x prior to 9.2.11, 9.3.x prior to 9.3.7, and 9.4.x prior to 9.4.2 allows remote malicious users to cause a denial of service (crash) by closing an SSL session at a time when the authentication tim...
Canonical Ubuntu Linux 15.04
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Debian Debian Linux 8.0
Canonical Ubuntu Linux 12.04
Apple Mac Os X Server 5.0.2
Postgresql Postgresql 9.1.1
Postgresql Postgresql 9.1.2
Postgresql Postgresql 9.1.3
Postgresql Postgresql 9.1.10
Postgresql Postgresql 9.1.11
Postgresql Postgresql 9.2.2
Postgresql Postgresql 9.2.3
Postgresql Postgresql 9.2.10
Postgresql Postgresql 9.3
Postgresql Postgresql 9.3.1
Postgresql Postgresql 9.4.1
Postgresql Postgresql
Postgresql Postgresql 9.1
Postgresql Postgresql 9.1.8
Postgresql Postgresql 9.1.9
NA
CVE-2015-3427
Quassel prior to 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote malicious users to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete ...
Quassel-irc Quassel
Debian Debian Linux 8.0
NA
CVE-2012-2143
The crypt_des (aka DES-based crypt) function in FreeBSD prior to 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent malicious user...
Postgresql Postgresql
Freebsd Freebsd 5.2.1
Freebsd Freebsd 7.4
Freebsd Freebsd 6.1
Freebsd Freebsd 3.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 2.2.5
Freebsd Freebsd 5.5
Freebsd Freebsd 8.2
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
Freebsd Freebsd 2.2.2
Freebsd Freebsd 2.1.7
Freebsd Freebsd 4.11
Freebsd Freebsd 2.0.5
Freebsd Freebsd 8.0
Freebsd Freebsd 1.1.5.1
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 7.0
Freebsd Freebsd
NA
CVE-2010-3433
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 prior to 7.4.30, 8.0 prior to 8.0.26, 8.1 prior to 8.1.22, 8.2 prior to 8.2.18, 8.3 prior to 8.3.12, 8.4 prior to 8.4.5, and 9.0 prior to 9.0.1 do not properly protect script execution by a different SQL user identity withi...
Postgresql Postgresql 7.4.5
Postgresql Postgresql 7.4.4
Postgresql Postgresql 7.4.28
Postgresql Postgresql 7.4.18
Postgresql Postgresql 7.4.23
Postgresql Postgresql 7.4.12
Postgresql Postgresql 7.4.17
Postgresql Postgresql 7.4.21
Postgresql Postgresql 7.4.24
Postgresql Postgresql 7.4.9
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.22
Postgresql Postgresql 7.4.14
Postgresql Postgresql 7.4.19
Postgresql Postgresql 7.4.15
Postgresql Postgresql 7.4.7
Postgresql Postgresql 7.4.6
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.25
Postgresql Postgresql 7.4.13
Postgresql Postgresql 7.4.26
NA
CVE-2010-1169
PostgreSQL 7.4 prior to 7.4.29, 8.0 prior to 8.0.25, 8.1 prior to 8.1.21, 8.2 prior to 8.2.17, 8.3 prior to 8.3.11, 8.4 prior to 8.4.4, and 9.0 Beta prior to 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation ...
Postgresql Postgresql 7.4.5
Postgresql Postgresql 7.4.4
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.14
Postgresql Postgresql 7.4.15
Postgresql Postgresql 7.4.28
Postgresql Postgresql 7.4.27
Postgresql Postgresql 7.4.3
Postgresql Postgresql 7.4.2
Postgresql Postgresql 7.4.8
Postgresql Postgresql 7.4.18
Postgresql Postgresql 7.4.25
Postgresql Postgresql 7.4.13
Postgresql Postgresql 7.4.21
Postgresql Postgresql 7.4.26
Postgresql Postgresql 7.4.7
Postgresql Postgresql 7.4.24
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.22
Postgresql Postgresql 7.4.19
Postgresql Postgresql 7.4.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »