PostgreSQL Exposure
Category: Databases
Exposure score: 41
Sites using it: 9752
In exploitation: 0
Critical: 0
CVEs
83 results
CVE ID | Severity | EPSS | Description (truncated as listed)
CVE-2017-7548 | - | 3.5% | PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no priv
CVE-2018-10936 | HIGH | 2.9% | A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a ho
CVE-2020-25696 | - | 2.6% | A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6
CVE-2017-7484 | - | 2.6% | It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before
CVE-2014-8161 | - | 2.5% | PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated u
CVE-2018-10925 | HIGH | 2.2% | It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain
CVE-2020-14349 | - | 2.2% | It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical rep
CVE-2019-10208 | HIGH | 2.2% | A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x befor
CVE-2021-32027 | - | 2.0% | A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain S
CVE-2017-7485 | - | 2.0% | In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL envir
CVE-2021-23214 | - | 1.9% | When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle a
CVE-2019-10211 | HIGH | 1.9% | Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unpro
CVE-2018-1052 | - | 1.8% | Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read a
CVE-2019-10129 | MEDIUM | 1.6% | A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can
CVE-2020-25694 | - | 1.6% | A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client a
CVE-2024-7348 | HIGH | 1.6% | PostgreSQL relation replacement during pg_dump executes arbitrary SQL
CVE-2022-2625 | - | 1.5% | A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability
CVE-2021-23222 | - | 1.5% | A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification a
CVE-2021-20229 | - | 1.5% | A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query
CVE-2024-0985 | HIGH | 1.5% | PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL