PostgreSQL — свободная объектно-реляционная система управления базами данных.

Релизный цикл, информация об уязвимостях

Продукт: PostgreSQL

Вендор: PostgreSQL

График релизов

Недавние уязвимости PostgreSQL

Количество 1 017

CVE-2014-0067

почти 12 лет назад

The "make check" command for the test suites in PostgreSQL 9.3.3 and e ...

CVSS2: 4.6

EPSS: Низкий

CVE-2014-0066

почти 12 лет назад

The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.

CVSS2: 4

EPSS: Низкий

CVE-2014-0066

почти 12 лет назад

The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16 ...

CVSS2: 4

EPSS: Низкий

CVE-2014-0065

почти 12 лет назад

Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.

CVSS2: 6.5

EPSS: Низкий

CVE-2014-0065

почти 12 лет назад

Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9. ...

CVSS2: 6.5

EPSS: Низкий

CVE-2014-0064

почти 12 лет назад

Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.

CVSS2: 6.5

EPSS: Низкий

CVE-2014-0064

почти 12 лет назад

Multiple integer overflows in the path_in and other unspecified functi ...

CVSS2: 6.5

EPSS: Низкий

CVE-2014-0063

почти 12 лет назад

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.

CVSS2: 6.5

EPSS: Низкий

CVE-2014-0063

почти 12 лет назад

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0 ...

CVSS2: 6.5

EPSS: Низкий

CVE-2014-0062

почти 12 лет назад

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.

CVSS2: 4.9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2014-0067 The "make check" command for the test suites in PostgreSQL 9.3.3 and e ...	CVSS2: 4.6	0% Низкий	почти 12 лет назад
CVE-2014-0066 The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.	CVSS2: 4	1% Низкий	почти 12 лет назад
CVE-2014-0066 The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16 ...	CVSS2: 4	1% Низкий	почти 12 лет назад
CVE-2014-0065 Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.	CVSS2: 6.5	4% Низкий	почти 12 лет назад
CVE-2014-0065 Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9. ...	CVSS2: 6.5	4% Низкий	почти 12 лет назад
CVE-2014-0064 Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.	CVSS2: 6.5	7% Низкий	почти 12 лет назад
CVE-2014-0064 Multiple integer overflows in the path_in and other unspecified functi ...	CVSS2: 6.5	7% Низкий	почти 12 лет назад
CVE-2014-0063 Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.	CVSS2: 6.5	6% Низкий	почти 12 лет назад
CVE-2014-0063 Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0 ...	CVSS2: 6.5	6% Низкий	почти 12 лет назад
CVE-2014-0062 Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.	CVSS2: 4.9	0% Низкий	почти 12 лет назад

Уязвимостей на страницу