postgresql

186 tracked vulnerabilities.

CVE-2018-1053 HIGH
PostgreSQL 9.3.0-9.3.20, 9.4.0-9.4.15, 9.5.0-9.5.10, 9.6.0-9.6.6, 10.0-10.1 - Insecure Temporary File Permissions
Feb 09, 2018
CVSS 7.0
EPSS 0.00

CVE-2018-1052 MEDIUM
PostgreSQL 10.x < 10.2 - Authenticated Memory Disclosure via Partitioned Table Insert
Feb 09, 2018
CVSS 6.5
EPSS 0.00

CVE-2017-14798 HIGH
PostgreSQL - Privilege Escalation via Race Condition in Init Script
Mar 01, 2018
CVSS 7.3
EPSS 0.01

CVE-2017-12172 MEDIUM
PostgreSQL 9.2.x-9.6.x < 10.1 - Privilege Escalation via Symbolic Link Attack on Log File
Nov 22, 2017
CVSS 6.7
EPSS 0.00

CVE-2017-15099 MEDIUM
PostgreSQL 9.5.x < 9.5.10, 9.6.x < 9.6.6, 10.x < 10.1 - Unauthorized Data Exposure via INSERT ON CONFLICT DO UPDATE
Nov 22, 2017
CVSS 6.5
EPSS 0.27

CVE-2017-15098 HIGH
PostgreSQL 9.3.x-9.6.x < 10.1 - Memory Disclosure via json_populate_recordset
Nov 22, 2017
CVSS 8.1
EPSS 0.01

CVE-2017-8806 MEDIUM
PostgreSQL-related scripts for Debian and Ubuntu - Arbitrary File Overwrite via Insecure Symbolic Link Handling
Nov 13, 2017
CVSS 5.5
EPSS 0.00

CVE-2017-7548 HIGH
PostgreSQL <9.4.13-9.6.4 - Privilege Escalation
Aug 16, 2017
CVSS 7.5
EPSS 0.01

CVE-2017-7547 HIGH
PostgreSQL <9.2.22-9.6.4 - Privilege Escalation
Aug 16, 2017
CVSS 8.8
EPSS 0.01

CVE-2017-7546 CRITICAL
PostgreSQL <9.2.22-9.6.4 - Privilege Escalation
Aug 16, 2017
CVSS 9.8
EPSS 0.33

CVE-2017-7486 HIGH
PostgreSQL 8.4-9.6 - Unauthorized Information Disclosure via pg_user_mappings View
May 12, 2017
CVSS 7.5
EPSS 0.04

CVE-2017-7485 MEDIUM
PostgreSQL <9.3.17, 9.4.x <9.4.12, 9.5.x <9.5.7, 9.6.x <9.6.3 - SSRF
May 12, 2017
CVSS 5.9
EPSS 0.01

CVE-2017-7484 HIGH
PostgreSQL <9.2.21-9.6.3 - Info Disclosure
May 12, 2017
CVSS 7.5
EPSS 0.01

CVE-2016-7048 HIGH
PostgreSQL < 9.1.24 - Remote Code Execution via Interactive Installer HTTP Download
Aug 20, 2018
CVSS 8.1
EPSS 0.12

CVE-2016-0768 HIGH
PostgreSQL PL/Java >9.0 - Privilege Escalation
Jun 06, 2017
CVSS 7.5
EPSS 0.00

CVE-2016-0767 MEDIUM
PostgreSQL PL/Java <1.5.0 - Privilege Escalation
Jun 06, 2017
CVSS 6.5
EPSS 0.00

CVE-2016-5424 HIGH
Debian Linux < 9.1.22 - Code Injection
Dec 09, 2016
CVSS 7.1
EPSS 0.02

CVE-2016-5423 HIGH
Debian Linux < 9.1.22 - NULL Pointer Dereference
Dec 09, 2016
CVSS 8.3
EPSS 0.03

CVE-2016-3065 CRITICAL
PostgreSQL pageinspect extension - Denial of Service via Crafted BRIN Index Page
Apr 11, 2016
CVSS 9.1
EPSS 0.01

CVE-2016-2193 HIGH
PostgreSQL < 9.5.2 - Unauthenticated Row-Security Bypass via Cached Plans
Apr 11, 2016
CVSS 7.5
EPSS 0.02

CVE-2016-0773 HIGH
PostgreSQL DoS via Large Unicode Character Range in Regular Expression
Feb 17, 2016
CVSS 7.5
EPSS 0.11

CVE-2016-0766 HIGH
PostgreSQL <9.1.20-9.5.1 - Privilege Escalation
Feb 17, 2016
CVSS 8.8
EPSS 0.01

CVE-2015-0244 CRITICAL
PostgreSQL SQL Injection via Crafted Binary Data in Protocol Message
Jan 27, 2020
CVSS 9.8
EPSS 0.01

CVE-2015-0243 HIGH
PostgreSQL Buffer Overflow in pgcrypto (Auth Required)
Jan 27, 2020
CVSS 8.8
EPSS 0.06

CVE-2015-0242 HIGH
PostgreSQL Stack-Based Buffer Overflow via Floating Point Number Precision
Jan 27, 2020
CVSS 8.8
EPSS 0.03