Vulnerabilities (CVE)

Filtered by vendor Postgresql Subscribe
Total 170 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-3166 3 Canonical, Debian, Postgresql 3 Ubuntu Linux, Debian Linux, Postgresql 2024-02-04 7.5 HIGH 9.8 CRITICAL
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.
CVE-2019-10208 1 Postgresql 1 Postgresql 2024-02-04 6.5 MEDIUM 8.8 HIGH
A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.
CVE-2015-3167 3 Canonical, Debian, Postgresql 3 Ubuntu Linux, Debian Linux, Postgresql 2024-02-04 5.0 MEDIUM 7.5 HIGH
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.
CVE-2019-10129 1 Postgresql 1 Postgresql 2024-02-04 4.0 MEDIUM 6.5 MEDIUM
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).
CVE-2019-10130 2 Opensuse, Postgresql 2 Leap, Postgresql 2024-02-04 4.0 MEDIUM 4.3 MEDIUM
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.
CVE-2019-10164 4 Fedoraproject, Opensuse, Postgresql and 1 more 4 Fedora, Leap, Postgresql and 1 more 2024-02-04 9.0 HIGH 8.8 HIGH
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
CVE-2018-16850 3 Canonical, Postgresql, Redhat 3 Ubuntu Linux, Postgresql, Enterprise Linux 2024-02-04 7.5 HIGH 9.8 CRITICAL
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.
CVE-2018-10915 4 Canonical, Debian, Postgresql and 1 more 9 Ubuntu Linux, Debian Linux, Postgresql and 6 more 2024-02-04 6.0 MEDIUM 7.5 HIGH
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.
CVE-2016-7048 1 Postgresql 1 Postgresql 2024-02-04 9.3 HIGH 8.1 HIGH
The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software.
CVE-2018-10925 3 Canonical, Debian, Postgresql 3 Ubuntu Linux, Debian Linux, Postgresql 2024-02-04 5.5 MEDIUM 8.1 HIGH
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they could exploit this to update other columns in the same table.
CVE-2018-10936 2 Postgresql, Redhat 2 Postgresql Jdbc Driver, Enterprise Linux 2024-02-04 6.8 MEDIUM 8.1 HIGH
A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA.
CVE-2018-1058 3 Canonical, Postgresql, Redhat 3 Ubuntu Linux, Postgresql, Cloudforms 2024-02-04 6.5 MEDIUM 8.8 HIGH
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
CVE-2017-14798 2 Postgresql, Suse 2 Postgresql, Suse Linux Enterprise Server 2024-02-04 6.9 MEDIUM 7.0 HIGH
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
CVE-2018-1115 2 Opensuse, Postgresql 2 Leap, Postgresql 2024-02-04 6.4 MEDIUM 9.1 CRITICAL
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.
CVE-2018-1053 4 Canonical, Debian, Postgresql and 1 more 4 Ubuntu Linux, Debian Linux, Postgresql and 1 more 2024-02-04 3.3 LOW 7.0 HIGH
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if a directory mode blocks the attacker searching the current working directory or if the prevailing umask blocks the attacker opening the file.
CVE-2018-1052 1 Postgresql 1 Postgresql 2024-02-04 4.0 MEDIUM 6.5 MEDIUM
Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table.
CVE-2017-7546 2 Debian, Postgresql 2 Debian Linux, Postgresql 2024-02-04 7.5 HIGH 9.8 CRITICAL
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.
CVE-2017-7548 2 Debian, Postgresql 2 Debian Linux, Postgresql 2024-02-04 4.0 MEDIUM 7.5 HIGH
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
CVE-2017-7547 1 Postgresql 1 Postgresql 2024-02-04 4.0 MEDIUM 8.8 HIGH
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so.
CVE-2017-15098 2 Debian, Postgresql 2 Debian Linux, Postgresql 2024-02-04 5.5 MEDIUM 8.1 HIGH
Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory.