postgresql vulnerabilities and exploits
614
VMScore
CVE-2007-3278
PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote malicious users to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the co...
Postgresql Postgresql
Debian Debian Linux 3.1
Debian Debian Linux 4.0
607
VMScore
CVE-2012-0868
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x prior to 8.3.18, 8.4.x prior to 8.4.11, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows user-assisted remote malicious users to execute arbitrary SQL commands via a crafted file containing object names with newline...
Postgresql Postgresql 8.3.6
Postgresql Postgresql 8.3.10
Postgresql Postgresql 8.3.3
Postgresql Postgresql 8.3
Postgresql Postgresql 8.3.8
Postgresql Postgresql 8.3.13
Postgresql Postgresql 8.3.1
Postgresql Postgresql 8.3.4
Postgresql Postgresql 8.3.11
Postgresql Postgresql 8.3.5
Postgresql Postgresql 8.3.2
Postgresql Postgresql 8.3.15
Postgresql Postgresql 8.3.14
Postgresql Postgresql 8.3.9
Postgresql Postgresql 8.3.7
Postgresql Postgresql 8.3.12
Postgresql Postgresql 8.3.17
Postgresql Postgresql 8.3.16
Postgresql Postgresql 8.4.1
Postgresql Postgresql 8.4.6
Postgresql Postgresql 8.4.9
Postgresql Postgresql 8.4.10
607
VMScore
CVE-2009-3231
The core server component in PostgreSQL 8.3 prior to 8.3.8 and 8.2 prior to 8.2.14, when using LDAP authentication with anonymous binds, allows remote malicious users to bypass authentication via an empty password.
Postgresql Postgresql
Suse Linux Enterprise Server 9
Suse Linux Enterprise 11.0
Opensuse Opensuse
Suse Linux Enterprise 10.0
Fedoraproject Fedora 11
Fedoraproject Fedora 10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
605
VMScore
CVE-2020-25694
A flaw was found in PostgreSQL versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20 and prior to 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-rele...
Postgresql Postgresql
Debian Debian Linux 9.0
605
VMScore
CVE-2020-13692
PostgreSQL JDBC Driver (aka PgJDBC) prior to 42.2.13 allows XXE.
Postgresql Postgresql Jdbc Driver
Quarkus Quarkus
Netapp Steelstore Cloud Integrated Storage -
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
605
VMScore
CVE-2018-10936
A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a tru...
Postgresql Postgresql Jdbc Driver
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
605
VMScore
CVE-2014-0080
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/cast.rb in Active Record in Ruby on Rails 4.0.x prior to 4.0.3, and 4.1.0.beta1, when PostgreSQL is used, allows remote malicious users to execute "add data" SQL commands via ve...
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.0.0
605
VMScore
CVE-2013-4422
SQL injection vulnerability in Quassel IRC prior to 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote malicious users to execute arbitrary SQL commands via a \ (backslash) in a message.
Quassel-irc Quassel Irc 0.6.3
Quassel-irc Quassel Irc 0.7.1
Quassel-irc Quassel Irc 0.4.1
Quassel-irc Quassel Irc 0.4.0
Quassel-irc Quassel Irc
Quassel-irc Quassel Irc 0.7.0
Quassel-irc Quassel Irc 0.6.2
Quassel-irc Quassel Irc 0.3.1
Quassel-irc Quassel Irc 0.3.0.3
Quassel-irc Quassel Irc 0.7.4
Quassel-irc Quassel Irc 0.8.0
Quassel-irc Quassel Irc 0.6.1
Quassel-irc Quassel Irc 0.5.0
Quassel-irc Quassel Irc 0.3.0.2
Quassel-irc Quassel Irc 0.3.0.1
Quassel-irc Quassel Irc 0.7.3
Quassel-irc Quassel Irc 0.7.2
Quassel-irc Quassel Irc 0.4.3
Quassel-irc Quassel Irc 0.4.2
Quassel-irc Quassel Irc 0.3.0
Quassel-irc Quassel Irc 0.1.0
605
VMScore
CVE-2013-0255
PostgreSQL 9.2.x prior to 9.2.3, 9.1.x prior to 9.1.8, 9.0.x prior to 9.0.12, 8.4.x prior to 8.4.16, and 8.3.x prior to 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote au...
Postgresql Postgresql 8.3.16
Postgresql Postgresql 8.3.17
Postgresql Postgresql 8.3.20
Postgresql Postgresql 8.3.8
Postgresql Postgresql 8.3.21
Postgresql Postgresql 8.3.22
Postgresql Postgresql 8.3.2
Postgresql Postgresql 8.3.1
Postgresql Postgresql 8.3.19
Postgresql Postgresql 8.3.18
Postgresql Postgresql 8.3.6
Postgresql Postgresql 8.3.5
Postgresql Postgresql 8.3.12
Postgresql Postgresql 8.3.9
Postgresql Postgresql 8.3.11
Postgresql Postgresql 8.3.14
Postgresql Postgresql 8.3.7
Postgresql Postgresql 8.3.15
Postgresql Postgresql 8.3.4
Postgresql Postgresql 8.3.3
Postgresql Postgresql 8.3.10
Postgresql Postgresql 8.3.13
605
VMScore
CVE-2011-0411
The STARTTLS implementation in Postfix 2.4.x prior to 2.4.16, 2.5.x prior to 2.5.12, 2.6.x prior to 2.6.9, and 2.7.x prior to 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending ...
Postfix Postfix 2.4
Postfix Postfix 2.4.4
Postfix Postfix 2.4.0
Postfix Postfix 2.4.9
Postfix Postfix 2.4.8
Postfix Postfix 2.4.6
Postfix Postfix 2.4.5
Postfix Postfix 2.4.14
Postfix Postfix 2.4.15
Postfix Postfix 2.4.3
Postfix Postfix 2.4.2
Postfix Postfix 2.4.10
Postfix Postfix 2.4.11
Postfix Postfix 2.4.1
Postfix Postfix 2.4.7
Postfix Postfix 2.4.12
Postfix Postfix 2.4.13
Postfix Postfix 2.5.0
Postfix Postfix 2.5.8
Postfix Postfix 2.5.9
Postfix Postfix 2.5.6
Postfix Postfix 2.5.7