Vulmon
postgresql postgresql vulnerabilities and exploits
668
VMScore
CVE-2021-43036
An issue exists in Kaseya Unitrends Backup Appliance prior to 10.5.5. The password for the PostgreSQL wguest account is weak.
Kaseya Unitrends Backup
668
VMScore
CVE-2021-44427
An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) prior to 8.1.1 allows remote malicious users to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
Rosariosis Rosariosis
668
VMScore
CVE-2021-41558
The set_user extension module prior to 3.0.0 for PostgreSQL allows ProcessUtility_hook bypass via set_config.
Set User Project Set User
668
VMScore
CVE-2021-38140
The set_user extension module prior to 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user().
Set User Project Set User
668
VMScore
CVE-2021-33204
In the pg_partman (aka PG Partition Manager) extension prior to 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because an explicit search_path is not set.
Pgxn Pg Partman
668
VMScore
CVE-2020-17446
asyncpg prior to 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, because of access to an uninitialized pointer in the array data decoder.
Magic Asyncpg
Debian Debian Linux 9.0
668
VMScore
CVE-2015-0244
PostgreSQL prior to 9.0.19, 9.1.x prior to 9.1.15, 9.2.x prior to 9.2.10, 9.3.x prior to 9.3.6, and 9.4.x prior to 9.4.1 does not properly handle errors while reading a protocol message, which allows remote malicious users to conduct SQL injection attacks via crafted binary data ...
Postgresql Postgresql
Debian Debian Linux 8.0
Debian Debian Linux 7.0
668
VMScore
CVE-2012-3460
cumin: At installation, the PostgreSQL database user is created without a password.
Redhat Enterprise Mrg 2.0
668
VMScore
CVE-2015-3166
The snprintf implementation in PostgreSQL prior to 9.0.20, 9.1.x prior to 9.1.16, 9.2.x prior to 9.2.11, 9.3.x prior to 9.3.7, and 9.4.x prior to 9.4.2 does not properly handle system-call errors, which allows malicious users to obtain sensitive information or have other unspecif...
Postgresql Postgresql
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
668
VMScore
CVE-2019-10211
The PostgreSQL Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from an unprotected directory.
Postgresql Postgresql