Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql postgresql vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0802
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.
Postgresql Postgresql 6.5.0
9.8
CVSSv3
CVE-2024-24213
Supabase PostgreSQL v15.1 exists to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor's position is that this is an intended feature; also, it exists in the Supabase dashboard product, not the Supabase PostgreSQL product. Specif...
Postgresql Postgresql 15.1
7.5
CVSSv3
CVE-2002-1657
PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote malicious users to guess passwords via a brute force attack.
Postgresql Postgresql 7.3.19
NA
CVE-2007-3279
PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote malicious users to create and execute functions, as demonstrated by functions that perform local brute-fo...
Postgresql Postgresql 8.1
4.4
CVSSv3
CVE-2020-21469
An issue exists in PostgreSQL 12.2 allows malicious users to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users cannot send SIGHUP signals; they can only be sent by a PostgreSQL superuser, a user with pg_r...
Postgresql Postgresql 12.2
NA
CVE-2004-0547
Buffer overflow in the ODBC driver for PostgreSQL prior to 7.2.1 allows remote malicious users to cause a denial of service (crash).
Postgresql Postgresql 7.2.1
NA
CVE-2007-6601
The DBLink module in PostgreSQL 8.2 prior to 8.2.6, 8.1 prior to 8.1.11, 8.0 prior to 8.0.15, 7.4 prior to 7.4.19, and 7.3 prior to 7.3.21, when local trust or ident authentication is used, allows remote malicious users to gain privileges via unspecified vectors. NOTE: this issue...
Postgresql Postgresql 8.2
Postgresql Postgresql
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Fedoraproject Fedora 8
Fedoraproject Fedora 7
NA
CVE-2009-2943
The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote malicious users to leverage escaping issues involving multibyte character encodings.
Ocaml Postgresql-ocaml 1.5.4
Ocaml Postgresql-ocaml 1.7.0
Ocaml Postgresql-ocaml 1.12.1
4.3
CVSSv3
CVE-2019-10130
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common ...
Postgresql Postgresql
Opensuse Leap 15.1
7.5
CVSSv3
CVE-2020-25696
A flaw was found in the psql interactive terminal of PostgreSQL in versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20 and prior to 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute ar...
Postgresql Postgresql
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »