Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postgresql vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0555
PostgreSQL 7.3 prior to 7.3.13, 7.4 prior to 7.4.16, 8.0 prior to 8.0.11, 8.1 prior to 8.1.7, and 8.2 prior to 8.2.2 allows malicious users to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service...
Postgresql Postgresql
NA
CVE-2005-0227
PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension.
Postgresql Postgresql
6.5
CVSSv3
CVE-2021-32028
A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.
Postgresql Postgresql
5.5
CVSSv3
CVE-2017-8806
The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package prior to 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local d...
Postgresql Postgresql -
4 Github repositories
NA
CVE-2010-0442
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstra...
Postgresql Postgresql
1 EDB exploit
7
CVSSv3
CVE-2019-10210
Postgresql Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file.
Postgresql Postgresql
9.8
CVSSv3
CVE-2019-10211
Postgresql Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.
Postgresql Postgresql
8.8
CVSSv3
CVE-2019-10208
A flaw exists in postgresql versions 9.4.x prior to 9.4.24, 9.5.x prior to 9.5.19, 9.6.x prior to 9.6.15, 10.x prior to 10.10 and 11.x prior to 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on ...
Postgresql Postgresql
2.2
CVSSv3
CVE-2019-10209
Postgresql, versions 11.x prior to 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
Postgresql Postgresql
NA
CVE-2006-5541
backend/parser/parse_coerce.c in PostgreSQL 7.4.1 up to and including 7.4.14, 8.0.x prior to 8.0.9, and 8.1.x prior to 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via a coercion of an unknown element to ANYARRAY.
Postgresql Postgresql
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »