postgresql vulnerabilities and exploits
8
CVSSv3
CVE-2022-31197
PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of column names so a malicious c...
Postgresql Postgresql Jdbc Driver
Postgresql Postgresql Jdbc Driver 42.4.0
Postgresql Postgresql Jdbc Driver 42.4.1
Debian Debian Linux 10.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8
CVSSv3
CVE-2016-7070
A privilege escalation flaw was found in the Ansible Tower. When Tower prior to 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database.
Redhat Ansible Tower
7.8
CVSSv3
CVE-2023-2291
Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP) build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permission...
Zohocorp Manageengine Pam360
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Password Manager Pro
7.8
CVSSv3
CVE-2019-10128
A vulnerability was found in postgresql versions 11.x before 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration...
Postgresql Postgresql
7.8
CVSSv3
CVE-2019-3466
The pg_ctlcluster script in postgresql-common in versions before 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
Postgresql Postgresql-common
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2019-3800
CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is t...
Pivotal Cloud Foundry Deployment Concourse Tasks
Pivotal Cloud Foundry Deployment
Pivotal Cloud Foundry Smoke Test
Pivotal Cloud Foundry Routing Release
Pivotal Cloud Foundry Notifications
Pivotal Cloud Foundry Command Line Interface Release
Pivotal Cloud Foundry Log Cache Release
Pivotal Cloud Foundry Networking Release
Pivotal Cloud Foundry Command Line Interface
Pivotal Cloud Foundry Healthwatch
Pivotal Credhub Service Broker For Pcf
Pivotal Metric Registrar Release
Pivotal On Demand Service Broker
Pivotal Application Service
Pivotal Cloud Foundry Autoscaling Release
Pivotal Pivotal Cloud Foundry Service Broker
Pivotal Single Sign-on
Pivotal Cloud Foundry Event Alerts
Appdynamics Platform Montioring
Bluemedora Nozzle
Contrastsecurity Service Broker
Cyberark Conjur Service Broker
7.8
CVSSv3
CVE-2018-20862
cPanel prior to 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
Cpanel Cpanel
7.8
CVSSv3
CVE-2019-5443
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can d...
Haxx Curl
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Mysql Server
Oracle Oss Support Tools 20.0
Netapp Oncommand Insight -
Netapp Oncommand Unified Manager
Netapp Oncommand Workflow Automation -
Netapp Snapcenter -
1 Github repository
7.8
CVSSv3
CVE-2018-0468
A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite (CEMS) could allow an authenticated, local malicious user to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database...
Cisco Energy Management Suite 5.2
7.8
CVSSv3
CVE-2016-1255
The pg_ctlcluster script in postgresql-common package in Debian wheezy prior to 134wheezy5, in Debian jessie prior to 165+deb8u2, in Debian unstable prior to 178, in Ubuntu 12.04 LTS prior to 129ubuntu1.2, in Ubuntu 14.04 LTS prior to 154ubuntu1.1, in Ubuntu 16.04 LTS prior to 17...
Debian Postgresql-common 11
Debian Postgresql-common 12
Debian Postgresql-common 13
Debian Postgresql-common 14
Debian Postgresql-common 28
Debian Postgresql-common 29
Debian Postgresql-common 30
Debian Postgresql-common 31
Debian Postgresql-common 44
Debian Postgresql-common 7
Debian Postgresql-common 9
Debian Postgresql-common 16
Debian Postgresql-common 18
Debian Postgresql-common 23
Debian Postgresql-common 45
Debian Postgresql-common 46
Debian Postgresql-common 47
Debian Postgresql-common 61
Debian Postgresql-common 62
Debian Postgresql-common 63
Debian Postgresql-common 64
Debian Postgresql-common 78