PostgreSQL

PostgreSQL is a free object-relational database management system.

Release cycle and vulnerability information

Product: PostgreSQL
Vendor: PostgreSQL

Release schedule

[Release schedule chart: PostgreSQL versions 13, 14, 15, 16, 17; time axis 2020 to 2030]

Recent PostgreSQL vulnerabilities

Count: 970

Source: redhat

CVE-2019-10211

almost 6 years ago

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.

CVSS3: 7.8
EPSS: Low

Source: redhat

CVE-2019-10209

almost 6 years ago

Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.

CVSS3: 3.1
EPSS: Low

Source: redhat

CVE-2019-10210

almost 6 years ago

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file.

CVSS3: 6.7
EPSS: Low

Source: fstec

BDU:2019-02917

almost 6 years ago

A vulnerability in the EnterpriseDB Windows installer for the PostgreSQL database management system that allows an attacker to affect the confidentiality, integrity and availability of protected information

CVSS3: 4.4
EPSS: Low

Source: nvd

CVE-2019-3800

almost 6 years ago

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.

CVSS3: 6.3
EPSS: Low

Source: suse-cvrf

SUSE-SU-2019:1783-2

almost 6 years ago

Security update for postgresql10

EPSS: Low

Source: nvd

CVE-2019-10130

about 6 years ago

A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.

CVSS3: 4.3
EPSS: Low

Source: debian

CVE-2019-10130

about 6 years ago

A vulnerability was found in PostgreSQL versions 11.x up to excluding ...

CVSS3: 4.3
EPSS: Low

Source: nvd

CVE-2019-10129

about 6 years ago

A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).

CVSS3: 6.5
EPSS: Low

Source: debian

CVE-2019-10129

about 6 years ago

A vulnerability was found in postgresql versions 11.x prior to 11.3. U ...

CVSS3: 6.5
EPSS: Low


| Vulnerability | Source | CVSS3 | EPSS | Published |
|---|---|---|---|---|
| CVE-2019-10211 | redhat | 7.8 | 2% (Low) | almost 6 years ago |
| CVE-2019-10209 | redhat | 3.1 | 0% (Low) | almost 6 years ago |
| CVE-2019-10210 | redhat | 6.7 | 0% (Low) | almost 6 years ago |
| BDU:2019-02917 | fstec | 4.4 | 2% (Low) | almost 6 years ago |
| CVE-2019-3800 | nvd | 6.3 | 0% (Low) | almost 6 years ago |
| SUSE-SU-2019:1783-2 | suse-cvrf | - | 5% (Low) | almost 6 years ago |
| CVE-2019-10130 | nvd | 4.3 | 0% (Low) | about 6 years ago |
| CVE-2019-10130 | debian | 4.3 | 0% (Low) | about 6 years ago |
| CVE-2019-10129 | nvd | 6.5 | 0% (Low) | about 6 years ago |
| CVE-2019-10129 | debian | 6.5 | 0% (Low) | about 6 years ago |
