Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-13551
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM ...
Advantech Webaccess\\/scada 9.0.1
8.8
CVSSv3
CVE-2020-25695
A flaw was found in PostgreSQL versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20 and prior to 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity o...
Postgresql Postgresql
Debian Debian Linux 9.0
1 Github repository
8.8
CVSSv3
CVE-2020-11010
In Tortoise ORM prior to 0.15.23 and 0.16.6, various forms of SQL injection have been found for MySQL and when filtering or doing mass-updates on char/text fields. SQLite & PostgreSQL are only affected when filtering with contains, starts_with, or ends_with filters (and their...
Tortoise Orm Project Tortoise Orm
8.8
CVSSv3
CVE-2015-0241
The to_char function in PostgreSQL prior to 9.0.19, 9.1.x prior to 9.1.15, 9.2.x prior to 9.2.10, 9.3.x prior to 9.3.6, and 9.4.x prior to 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of dig...
Postgresql Postgresql
Debian Debian Linux 7.0
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2015-0242
Stack-based buffer overflow in the *printf function implementations in PostgreSQL prior to 9.0.19, 9.1.x prior to 9.1.15, 9.2.x prior to 9.2.10, 9.3.x prior to 9.3.6, and 9.4.x prior to 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial o...
Postgresql Postgresql
Debian Debian Linux 7.0
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2015-0243
Multiple buffer overflows in contrib/pgcrypto in PostgreSQL prior to 9.0.19, 9.1.x prior to 9.1.15, 9.2.x prior to 9.2.10, 9.3.x prior to 9.3.6, and 9.4.x prior to 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via ...
Postgresql Postgresql
Debian Debian Linux 7.0
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2019-19475
An issue exists in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in “Authenticated Users” group can exploit...
Zohocorp Manageengine Applications Manager 14.3
8.8
CVSSv3
CVE-2019-10208
A flaw exists in postgresql versions 9.4.x prior to 9.4.24, 9.5.x prior to 9.5.19, 9.6.x prior to 9.6.15, 10.x prior to 10.10 and 11.x prior to 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on ...
Postgresql Postgresql
8.8
CVSSv3
CVE-2016-10788
cPanel prior to 60.0.25 allows arbitrary code execution via Maketext in PostgreSQL adminbin (SEC-188).
Cpanel Cpanel
8.8
CVSSv3
CVE-2019-10164
PostgreSQL versions 10.x prior to 10.9 and versions 11.x prior to 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arb...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »