Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-0080
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/cast.rb in Active Record in Ruby on Rails 4.0.x prior to 4.0.3, and 4.1.0.beta1, when PostgreSQL is used, allows remote malicious users to execute "add data" SQL commands via ve...
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.0.0
6.8
CVSSv2
CVE-2013-4422
SQL injection vulnerability in Quassel IRC prior to 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote malicious users to execute arbitrary SQL commands via a \ (backslash) in a message.
Quassel-irc Quassel Irc 0.6.3
Quassel-irc Quassel Irc 0.7.1
Quassel-irc Quassel Irc 0.4.1
Quassel-irc Quassel Irc 0.4.0
Quassel-irc Quassel Irc
Quassel-irc Quassel Irc 0.7.0
Quassel-irc Quassel Irc 0.6.2
Quassel-irc Quassel Irc 0.3.1
Quassel-irc Quassel Irc 0.3.0.3
Quassel-irc Quassel Irc 0.7.4
Quassel-irc Quassel Irc 0.8.0
Quassel-irc Quassel Irc 0.6.1
Quassel-irc Quassel Irc 0.5.0
Quassel-irc Quassel Irc 0.3.0.2
Quassel-irc Quassel Irc 0.3.0.1
Quassel-irc Quassel Irc 0.7.3
Quassel-irc Quassel Irc 0.7.2
Quassel-irc Quassel Irc 0.4.3
Quassel-irc Quassel Irc 0.4.2
Quassel-irc Quassel Irc 0.3.0
Quassel-irc Quassel Irc 0.1.0
6.8
CVSSv2
CVE-2013-0255
PostgreSQL 9.2.x prior to 9.2.3, 9.1.x prior to 9.1.8, 9.0.x prior to 9.0.12, 8.4.x prior to 8.4.16, and 8.3.x prior to 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote au...
Postgresql Postgresql 8.3.16
Postgresql Postgresql 8.3.17
Postgresql Postgresql 8.3.20
Postgresql Postgresql 8.3.8
Postgresql Postgresql 8.3.21
Postgresql Postgresql 8.3.22
Postgresql Postgresql 8.3.2
Postgresql Postgresql 8.3.1
Postgresql Postgresql 8.3.19
Postgresql Postgresql 8.3.18
Postgresql Postgresql 8.3.6
Postgresql Postgresql 8.3.5
Postgresql Postgresql 8.3.12
Postgresql Postgresql 8.3.9
Postgresql Postgresql 8.3.11
Postgresql Postgresql 8.3.14
Postgresql Postgresql 8.3.7
Postgresql Postgresql 8.3.15
Postgresql Postgresql 8.3.4
Postgresql Postgresql 8.3.3
Postgresql Postgresql 8.3.10
Postgresql Postgresql 8.3.13
6.8
CVSSv2
CVE-2012-0868
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x prior to 8.3.18, 8.4.x prior to 8.4.11, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows user-assisted remote malicious users to execute arbitrary SQL commands via a crafted file containing object names with newline...
Postgresql Postgresql 8.3.6
Postgresql Postgresql 8.3.10
Postgresql Postgresql 8.3.3
Postgresql Postgresql 8.3
Postgresql Postgresql 8.3.8
Postgresql Postgresql 8.3.13
Postgresql Postgresql 8.3.1
Postgresql Postgresql 8.3.4
Postgresql Postgresql 8.3.11
Postgresql Postgresql 8.3.5
Postgresql Postgresql 8.3.2
Postgresql Postgresql 8.3.15
Postgresql Postgresql 8.3.14
Postgresql Postgresql 8.3.9
Postgresql Postgresql 8.3.7
Postgresql Postgresql 8.3.12
Postgresql Postgresql 8.3.17
Postgresql Postgresql 8.3.16
Postgresql Postgresql 8.4.1
Postgresql Postgresql 8.4.6
Postgresql Postgresql 8.4.9
Postgresql Postgresql 8.4.10
6.8
CVSSv2
CVE-2011-0411
The STARTTLS implementation in Postfix 2.4.x prior to 2.4.16, 2.5.x prior to 2.5.12, 2.6.x prior to 2.6.9, and 2.7.x prior to 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending ...
Postfix Postfix 2.4
Postfix Postfix 2.4.4
Postfix Postfix 2.4.0
Postfix Postfix 2.4.9
Postfix Postfix 2.4.8
Postfix Postfix 2.4.6
Postfix Postfix 2.4.5
Postfix Postfix 2.4.14
Postfix Postfix 2.4.15
Postfix Postfix 2.4.3
Postfix Postfix 2.4.2
Postfix Postfix 2.4.10
Postfix Postfix 2.4.11
Postfix Postfix 2.4.1
Postfix Postfix 2.4.7
Postfix Postfix 2.4.12
Postfix Postfix 2.4.13
Postfix Postfix 2.5.0
Postfix Postfix 2.5.8
Postfix Postfix 2.5.9
Postfix Postfix 2.5.6
Postfix Postfix 2.5.7
6.8
CVSSv2
CVE-2009-3231
The core server component in PostgreSQL 8.3 prior to 8.3.8 and 8.2 prior to 8.2.14, when using LDAP authentication with anonymous binds, allows remote malicious users to bypass authentication via an empty password.
Postgresql Postgresql
Suse Linux Enterprise Server 9
Suse Linux Enterprise 11.0
Opensuse Opensuse
Suse Linux Enterprise 10.0
Fedoraproject Fedora 11
Fedoraproject Fedora 10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
6.8
CVSSv2
CVE-2009-0543
ProFTPD Server 1.3.1, with NLS support enabled, allows remote malicious users to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
Proftpd Proftpd 1.3.1
1 EDB exploit
1 Github repository
6.8
CVSSv2
CVE-2007-6067
Algorithmic complexity vulnerability in the regular expression parser in TCL prior to 8.4.17, as used in PostgreSQL 8.2 prior to 8.2.6, 8.1 prior to 8.1.11, 8.0 prior to 8.0.15, and 7.4 prior to 7.4.19, allows remote authenticated users to cause a denial of service (memory consum...
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.11
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.3.4
Postgresql Postgresql 7.4.11
Postgresql Postgresql 7.4.12
Postgresql Postgresql 7.4.4
Postgresql Postgresql 7.4.5
Postgresql Postgresql 8.0.13
Postgresql Postgresql 8.0.2
Postgresql Postgresql 8.0.9
Postgresql Postgresql 7.3.14
Postgresql Postgresql 7.3.15
Postgresql Postgresql 7.3.9
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.16
Postgresql Postgresql 7.4.17
Postgresql Postgresql 7.4.8
Postgresql Postgresql 7.4.9
Postgresql Postgresql 8.0
Postgresql Postgresql 8.0.4
Postgresql Postgresql 8.0.5
6.8
CVSSv2
CVE-2007-4769
The regular expression parser in TCL prior to 8.4.17, as used in PostgreSQL 8.2 prior to 8.2.6, 8.1 prior to 8.1.11, 8.0 prior to 8.0.15, and 7.4 prior to 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
Postgresql Postgresql 7.3.1
Postgresql Postgresql 7.3.10
Postgresql Postgresql 7.3.19
Postgresql Postgresql 7.3.2
Postgresql Postgresql 7.3.3
Postgresql Postgresql 7.4.10
Postgresql Postgresql 7.4.11
Postgresql Postgresql 7.4.3
Postgresql Postgresql 7.4.4
Postgresql Postgresql 8.0.11
Postgresql Postgresql 8.0.13
Postgresql Postgresql 7.3
Postgresql Postgresql 7.3.15
Postgresql Postgresql 7.3.16
Postgresql Postgresql 7.4
Postgresql Postgresql 7.4.1
Postgresql Postgresql 7.4.17
Postgresql Postgresql 7.4.2
Postgresql Postgresql 7.4.9
Postgresql Postgresql 8.0
Postgresql Postgresql 8.0.1
Postgresql Postgresql 8.0.5
6.8
CVSSv2
CVE-2007-0363
Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) prior to 2.0.10 and (2) Openads (aka phpAdsNew) prior to 2.0.10 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Openads Openads 2.0.8 Pr1
Openads Openads 2.0.9 Pr1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »