Vulnerabilities (CVE)

Filtered by vendor Postgresql Subscribe
Filtered by product Postgresql
Total 140 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-32028 1 Postgresql 1 Postgresql 2021-10-18 4.0 MEDIUM 6.5 MEDIUM
A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.
CVE-2021-32029 2 Postgresql, Redhat 2 Postgresql, Jboss Enterprise Application Platform 2021-10-15 4.0 MEDIUM 6.5 MEDIUM
A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.
CVE-2021-32027 2 Postgresql, Redhat 4 Postgresql, Enterprise Linux, Jboss Enterprise Application Platform and 1 more 2021-09-14 6.5 MEDIUM 8.8 HIGH
A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2018-10915 4 Canonical, Debian, Postgresql and 1 more 9 Ubuntu Linux, Debian Linux, Postgresql and 6 more 2021-08-04 6.0 MEDIUM 7.5 HIGH
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.
CVE-2013-4422 3 Postgresql, Qt, Quassel-irc 3 Postgresql, Qt, Quassel Irc 2021-06-16 6.8 MEDIUM N/A
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.
CVE-2021-20229 3 Fedoraproject, Postgresql, Redhat 4 Fedora, Postgresql, Enterprise Linux and 1 more 2021-06-09 4.0 MEDIUM 4.3 MEDIUM
A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.
CVE-2021-3393 2 Postgresql, Redhat 3 Postgresql, Enterprise Linux, Software Collections 2021-06-04 3.5 LOW 4.3 MEDIUM
An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.
CVE-2019-10128 2 Microsoft, Postgresql 2 Windows, Postgresql 2021-04-30 4.1 MEDIUM 7.8 HIGH
A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code.
CVE-2019-10127 2 Microsoft, Postgresql 2 Windows, Postgresql 2021-04-30 4.3 MEDIUM 8.8 HIGH
A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. An attacker having only the unprivileged Windows account can read arbitrary data directory files, essentially bypassing database-imposed read access limitations. An attacker having only the unprivileged Windows account can also delete certain data directory files.
CVE-2020-25696 2 Debian, Postgresql 2 Debian Linux, Postgresql 2020-12-15 7.6 HIGH 7.5 HIGH
A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25695 1 Postgresql 1 Postgresql 2020-12-07 6.5 MEDIUM 8.8 HIGH
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25694 1 Postgresql 1 Postgresql 2020-12-07 6.8 MEDIUM 8.1 HIGH
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2018-1115 2 Opensuse, Postgresql 2 Leap, Postgresql 2020-12-04 6.4 MEDIUM 9.1 CRITICAL
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.
CVE-2019-10129 1 Postgresql 1 Postgresql 2020-12-04 4.0 MEDIUM 6.5 MEDIUM
A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).
CVE-2012-4575 2 Pgbouncer Project, Postgresql 2 Pgbouncer, Postgresql 2020-11-03 5.0 MEDIUM N/A
The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (daemon outage) via a long database name in a request.
CVE-2019-10164 4 Fedoraproject, Opensuse, Postgresql and 1 more 4 Fedora, Leap, Postgresql and 1 more 2020-10-02 9.0 HIGH 8.8 HIGH
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
CVE-2019-10209 1 Postgresql 1 Postgresql 2020-10-01 3.5 LOW 2.2 LOW
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
CVE-2020-10733 1 Postgresql 1 Postgresql 2020-10-01 4.4 MEDIUM 7.3 HIGH
The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add files into one of those directories can use this to execute arbitrary code with the installer's administrative rights.
CVE-2019-10130 2 Opensuse, Postgresql 2 Leap, Postgresql 2020-09-30 4.0 MEDIUM 4.3 MEDIUM
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.
CVE-2020-14350 3 Debian, Opensuse, Postgresql 3 Debian Linux, Leap, Postgresql 2020-09-18 4.4 MEDIUM 7.3 HIGH
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23.