postgresql

186 tracked vulnerabilities.

CVE-2020-25696 HIGH
PostgreSQL < 9.5.24 - Remote Code Execution via \gset in psql Interactive Terminal
Nov 23, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-25695 HIGH
PostgreSQL < 13.1, < 12.5, < 11.10, < 10.15, < 9.6.20, < 9.5.24 - SQL Injection via Object Creation
Nov 16, 2020
CVSS 8.8
EPSS 0.24
CVE-2020-25694 HIGH
PostgreSQL < 9.5.24 - Use of a Broken or Risky Cryptographic Algorithm
Nov 16, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-10733 HIGH
PostgreSQL 9.5-12 - Untrusted Search Path via Windows Installer Executable Path
Sep 16, 2020
CVSS 7.3
EPSS 0.00
CVE-2020-14350 HIGH
PostgreSQL < 9.5.23 - Untrusted Search Path in Extension Installation Scripts
Aug 24, 2020
CVSS 7.3
EPSS 0.00
CVE-2020-14349 HIGH
PostgreSQL 10.0-10.13 - Authenticated SQL Injection via Logical Replication Search Path
Aug 24, 2020
CVSS 7.1
EPSS 0.02
CVE-2020-13692 HIGH
PostgreSQL JDBC Driver < 42.2.13 - XML External Entity Injection
Jun 04, 2020
CVSS 7.7
EPSS 0.08
CVE-2020-1720 LOW
PostgreSQL <12.2-9.6.17 - Privilege Escalation
Mar 17, 2020
CVSS 3.1
EPSS 0.00
CVE-2019-10128 HIGH
PostgreSQL < 9.4.22 - Improper Access Control via Inherited ACL
Mar 19, 2021
CVSS 7.8
EPSS 0.00
CVE-2019-10127 HIGH
PostgreSQL <11.3 - Privilege Escalation
Mar 19, 2021
CVSS 8.8
EPSS 0.00
CVE-2019-3466 HIGH
postgresql-common < 210 - Local Privilege Escalation via pg_ctlcluster Temporary Directory Creation
Nov 20, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-10211 CRITICAL
Postgresql <11.5-9.4.24 - Code Injection
Oct 29, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-10210 HIGH
Postgresql <11.5-9.4.24 - Info Disclosure
Oct 29, 2019
CVSS 7.0
EPSS 0.00
CVE-2019-10209 LOW
PostgreSQL 11.0-11.4 - Memory Disclosure in Cross-Type Comparison for Hashed Subplan
Oct 29, 2019
CVSS 2.2
EPSS 0.00
CVE-2019-10208 HIGH
PostgreSQL <9.4.24-11.5 - SQL Injection
Oct 29, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-10130 MEDIUM
PostgreSQL <11.3, 10.8, 9.6.13, 9.5.17 - Info Disclosure
Jul 30, 2019
CVSS 4.3
EPSS 0.00
CVE-2019-10129 MEDIUM
Postgresql <11.3 - Memory Corruption
Jul 30, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-10164 HIGH
PostgreSQL <10.9,11.4 - Buffer Overflow
Jun 26, 2019
CVSS 8.8
EPSS 0.13
CVE-2019-9193 HIGH NUCLEI
PostgreSQL 9.3-11.2 - Authenticated OS Command Injection via COPY TO/FROM PROGRAM
Apr 01, 2019
CVSS 7.2
EPSS 0.93
CVE-2018-16850 CRITICAL
postgresql <11.1, 10.6 - SQL Injection
Nov 13, 2018
CVSS 9.8
EPSS 0.01
CVE-2018-10936 HIGH
postgresql-jdbc <42.2.5 - SSL Man-In-The-Middle
Aug 30, 2018
CVSS 8.1
EPSS 0.01
CVE-2018-10925 HIGH
Canonical Ubuntu Linux < 9.5.14 - Incorrect Authorization
Aug 09, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-10915 HIGH
Redhat Openstack < 9.3.24 - Information Disclosure
Aug 09, 2018
CVSS 8.5
EPSS 0.02
CVE-2018-1115 CRITICAL
postgresql <10.4, 9.6.9 - Privilege Escalation
May 10, 2018
CVSS 9.1
EPSS 0.01
CVE-2018-1058 HIGH
PostgreSQL 9.3-10 - Authenticated Remote Code Execution via Query Behavior Modification
Mar 02, 2018
CVSS 8.8
EPSS 0.82
Products
postgresql 175 postgresql_jdbc_driver 10 pljava-public 1 postgresql-common 1
Quick Filters
Critical CVEs With Exploits In CISA KEV