postgresql

186 tracked vulnerabilities.

CVE-2015-0241 HIGH
PostgreSQL < 9.0.19, 9.1.x < 9.1.15, 9.2.x < 9.2.10, 9.3.x < 9.3.6, 9.4.x < 9.4.1 - Remote Code Execution via to_char
Jan 27, 2020
CVSS 8.8
EPSS 0.06
CVE-2015-3167 HIGH
PostgreSQL <9.0.20-9.4.2 - Info Disclosure
Nov 20, 2019
CVSS 7.5
EPSS 0.02
CVE-2015-3166 CRITICAL
PostgreSQL <9.0.20-9.4.2 - Info Disclosure
Nov 20, 2019
CVSS 9.8
EPSS 0.05
CVE-2015-5289
PostgreSQL < 9.3.10 - Denial of Service via JSON Parsing Stack Overflow
Oct 26, 2015
EPSS 0.07
CVE-2015-5288
PostgreSQL <9.0.23-9.4.5 - DoS
Oct 26, 2015
EPSS 0.09
CVE-2015-3165
PostgreSQL <9.0.20-9.4.2 - Use After Free
May 28, 2015
EPSS 0.08
CVE-2014-8161 MEDIUM
Postgresql < 9.0.19 - Error Information Exposure
Jan 27, 2020
CVSS 4.3
EPSS 0.01
CVE-2014-2669
PostgreSQL <9.0.16, <9.1.12, <9.2.7, <9.3.3 - Buffer Overflow
Mar 31, 2014
EPSS 0.01
CVE-2014-0067
PostgreSQL <9.3.3 - Privilege Escalation
Mar 31, 2014
EPSS 0.00
CVE-2014-0066
PostgreSQL < 8.4.20, 9.0.x < 9.0.16, 9.1.x < 9.1.12, 9.2.x < 9.2.7, 9.3.x < 9.3.3 - DoS via chkpass
Mar 31, 2014
EPSS 0.01
CVE-2014-0065
PostgreSQL <8.4.20, <9.0.16, <9.1.12, <9.2.7, <9.3.3 - Buffer Overflow
Mar 31, 2014
EPSS 0.04
CVE-2014-0064
PostgreSQL <8.4.20, <9.0.16, <9.1.12, <9.2.7, <9.3.3 - Buffer Overflow
Mar 31, 2014
EPSS 0.07
CVE-2014-0063
PostgreSQL Stack-Based Buffer Overflow via Datetime Values
Mar 31, 2014
EPSS 0.06
CVE-2014-0062
PostgreSQL < 8.4.19 - Authenticated Race Condition via CREATE INDEX or ALTER TABLE
Mar 31, 2014
EPSS 0.00
CVE-2014-0061
Postgresql < 8.4.19 - Access Control
Mar 31, 2014
EPSS 0.01
CVE-2014-0060
PostgreSQL <8.4.20-9.3.3 - Privilege Escalation
Mar 31, 2014
EPSS 0.01
CVE-2013-1903
PostgreSQL < 9.2.4, 9.1.9, 9.0.13, 8.4.17, 8.3.23 - Superuser Password Exposure
Apr 04, 2013
EPSS 0.01
CVE-2013-1902
PostgreSQL <9.2.4-8.3.23 - Info Disclosure
Apr 04, 2013
EPSS 0.01
CVE-2013-1901
PostgreSQL 9.1.x-9.2.x - Authenticated Privilege Escalation via pg_start_backup and pg_stop_backup Functions
Apr 04, 2013
EPSS 0.00
CVE-2013-1900
PostgreSQL 8.4.x-9.2.x - Insufficient Random Number Generation in pgcrypto Functions
Apr 04, 2013
EPSS 0.01
CVE-2013-1899
PostgreSQL Database Name Command Line Flag Injection
Apr 04, 2013
EPSS 0.81
CVE-2013-0255
PostgreSQL 8.3.x-9.2.x - Authenticated Denial of Service and Memory Disclosure via enum_recv Function
Feb 13, 2013
EPSS 0.04
CVE-2012-1618
PostgreSQL JDBC Driver < 8.2 - SQL Injection via Unescaped Statement Parameters
Oct 06, 2012
EPSS 0.02
CVE-2012-3489 MEDIUM
PostgreSQL 8.3.0-8.3.19, 8.4.0-8.4.12, 9.0.0-9.0.8, 9.1.0-9.1.4 - XXE Injection via xml_parse
Oct 03, 2012
CVSS 6.5
EPSS 0.01
CVE-2012-3488
PostgreSQL 8.3-8.3.19, 8.4-8.4.12, 9.0-9.0.8, 9.1-9.1.4 - Authenticated XML External Entity Injection via libxslt
Oct 03, 2012
EPSS 0.00
Products
postgresql 175 postgresql_jdbc_driver 10 pljava-public 1 postgresql-common 1
Quick Filters
Critical CVEs With Exploits In CISA KEV