Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql postgresql 9.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-3167
contrib/pgcrypto in PostgreSQL prior to 9.0.20, 9.1.x prior to 9.1.16, 9.2.x prior to 9.2.11, 9.3.x prior to 9.3.7, and 9.4.x prior to 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for malicious users to obtain the key via a brute force...
Postgresql Postgresql
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
5
CVSSv2
CVE-2017-18359
PostGIS 2.x prior to 2.3.3, as used with PostgreSQL, allows remote malicious users to cause a denial of service via crafted ST_AsX3D function input, as demonstrated by an abnormal server termination for "SELECT ST_AsX3D('LINESTRING EMPTY');" because empty geom...
Postgis Postgis
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2016-0768
PostgreSQL PL/Java after 9.0 does not honor access controls on large objects.
Postgresql Postgresql
5
CVSSv2
CVE-2011-2483
crypt_blowfish prior to 1.1, as used in PHP prior to 5.3.7 on certain platforms, PostgreSQL prior to 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent malicious users to determine a cleartext password by leveraging k...
Php Php
Postgresql Postgresql
Openwall Crypt Blowfish
1 Github repository
4.9
CVSSv2
CVE-2012-3488
The libxslt support in contrib/xml2 in PostgreSQL 8.3 prior to 8.3.20, 8.4 prior to 8.4.13, 9.0 prior to 9.0.9, and 9.1 prior to 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or tri...
Postgresql Postgresql 9.1.2
Postgresql Postgresql 9.1.3
Postgresql Postgresql 9.1.4
Postgresql Postgresql 9.1
Postgresql Postgresql 9.1.1
Postgresql Postgresql 8.4.12
Postgresql Postgresql 8.4.6
Postgresql Postgresql 8.4.10
Postgresql Postgresql 8.4.3
Postgresql Postgresql 8.4.4
Postgresql Postgresql 8.4.7
Postgresql Postgresql 8.4.5
Postgresql Postgresql 8.4.1
Postgresql Postgresql 8.4.11
Postgresql Postgresql 8.4
Postgresql Postgresql 8.4.2
Postgresql Postgresql 8.4.8
Postgresql Postgresql 8.4.9
Postgresql Postgresql 8.3.18
Postgresql Postgresql 8.3.13
Postgresql Postgresql 8.3.2
Postgresql Postgresql 8.3.1
4.6
CVSSv2
CVE-2014-0067
The "make check" command for the test suites in PostgreSQL 9.3.3 and previous versions does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging a...
Apple Mac Os X 10.10.4
Apple Mac Os X Server 5.0.3
Postgresql Postgresql 9.1.7
Postgresql Postgresql 9.1.6
Postgresql Postgresql 9.0.8
Postgresql Postgresql 9.1.5
Postgresql Postgresql 9.1.2
Postgresql Postgresql 9.1.3
Postgresql Postgresql 9.0.6
Postgresql Postgresql 9.0.5
Postgresql Postgresql 9.0.10
Postgresql Postgresql 9.0
Postgresql Postgresql 8.4.3
Postgresql Postgresql 8.4.2
Postgresql Postgresql 8.4.16
Postgresql Postgresql 8.4.1
Postgresql Postgresql 9.3.2
Postgresql Postgresql 9.1.11
Postgresql Postgresql 9.1.10
Postgresql Postgresql 9.2
Postgresql Postgresql 9.1.8
Postgresql Postgresql 9.1.1
4.4
CVSSv2
CVE-2020-14350
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such exte...
Postgresql Postgresql
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
4.3
CVSSv2
CVE-2012-0867
PostgreSQL 8.4.x prior to 8.4.11, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote malicious users to spoof connections when the host name is exactly 32 characters.
Opensuse Project Opensuse 12.2
Postgresql Postgresql 8.4
Postgresql Postgresql 8.4.10
Postgresql Postgresql 8.4.8
Postgresql Postgresql 8.4.9
Postgresql Postgresql 8.4.2
Postgresql Postgresql 8.4.1
Postgresql Postgresql 8.4.3
Postgresql Postgresql 8.4.4
Postgresql Postgresql 8.4.5
Postgresql Postgresql 8.4.6
Postgresql Postgresql 8.4.7
Postgresql Postgresql 9.0
Postgresql Postgresql 9.0.1
Postgresql Postgresql 9.0.2
Postgresql Postgresql 9.0.3
Postgresql Postgresql 9.0.5
Postgresql Postgresql 9.0.4
Postgresql Postgresql 9.0.6
Debian Debian Linux 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Desktop Workstation 5
4.3
CVSSv2
CVE-2012-2143
The crypt_des (aka DES-based crypt) function in FreeBSD prior to 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent malicious user...
Postgresql Postgresql
Freebsd Freebsd 5.2.1
Freebsd Freebsd 7.4
Freebsd Freebsd 6.1
Freebsd Freebsd 3.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 2.2.5
Freebsd Freebsd 5.5
Freebsd Freebsd 8.2
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
Freebsd Freebsd 2.2.2
Freebsd Freebsd 2.1.7
Freebsd Freebsd 4.11
Freebsd Freebsd 2.0.5
Freebsd Freebsd 8.0
Freebsd Freebsd 1.1.5.1
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 7.0
Freebsd Freebsd
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »