Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql vulnerabilities and exploits
(subscribe to this query)
908
VMScore
CVE-2019-9193
In PostgreSQL 9.3 up to and including 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is en...
Postgresql Postgresql
1 EDB exploit
10 Github repositories
578
VMScore
CVE-2019-10208
A flaw exists in postgresql versions 9.4.x prior to 9.4.24, 9.5.x prior to 9.5.19, 9.6.x prior to 9.6.15, 10.x prior to 10.10 and 11.x prior to 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on ...
Postgresql Postgresql
312
VMScore
CVE-2019-10209
Postgresql, versions 11.x prior to 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
Postgresql Postgresql
668
VMScore
CVE-2019-10211
Postgresql Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.
Postgresql Postgresql
169
VMScore
CVE-2019-10210
Postgresql Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file.
Postgresql Postgresql
756
VMScore
CVE-2007-0555
PostgreSQL 7.3 prior to 7.3.13, 7.4 prior to 7.4.16, 8.0 prior to 8.0.11, 8.1 prior to 8.1.7, and 8.2 prior to 8.2.2 allows malicious users to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service...
Postgresql Postgresql
383
VMScore
CVE-2019-10127
A vulnerability was found in postgresql versions 11.x before 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an a...
Postgresql Postgresql
365
VMScore
CVE-2019-10128
A vulnerability was found in postgresql versions 11.x before 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration...
Postgresql Postgresql
356
VMScore
CVE-2019-10129
A vulnerability was found in postgresql versions 11.x before 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploi...
Postgresql Postgresql
NA
CVE-2020-21469
An issue exists in PostgreSQL 12.2 allows malicious users to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users cannot send SIGHUP signals; they can only be sent by a PostgreSQL superuser, a user with pg_r...
Postgresql Postgresql 12.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »