45 results (0.010 seconds)

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1

19 Mar 2021 — A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows accoun... • https://bugzilla.redhat.com/show_bug.cgi?id=1707102 • CWE-284: Improper Access Control •

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

19 Mar 2021 — A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. An attacker having only the unprivileged Windows account can read arbit... • https://bugzilla.redhat.com/show_bug.cgi?id=1707098 • CWE-284: Improper Access Control •

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0

29 Oct 2019 — Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory. El instalador de Postgresql Windows anterior a las versiones 11.5, 10.10, 9.6.15, 9.5.19 y 9.4.24, es vulnerable por medio del código de ejecución de OpenSSL integrado desde un directorio desprotegido • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10211 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0

29 Oct 2019 — Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file. El instalador de Postgresql Windows anterior a las versiones 11.5, 10.10, 9.6.15, 9.5.19 y 9.4.24, es vulnerable por medio de un superusuario al escribir una contraseña en un archivo temporal desprotegido. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10210 • CWE-522: Insufficiently Protected Credentials •

CVSS: 9.0EPSS: 5%CPEs: 7EXPL: 0

20 Jun 2019 — PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account. Las versiones 10.x de PostgreSQL anteriores a 10.9 y 11.x anteriores a 11.4 son vulnerables a un desbordamiento de búfer basado en pilas. Cualquier usuario autenticado puede desbordar u... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00035.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 9%CPEs: 5EXPL: 0

20 Aug 2018 — The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software. El instalador interactivo en PostgreSQL en versiones anteriores a la 9.3.15, 9.4.x anteriores a la 9.4.10 y 9.5.x anteriores a la 9.5.5 podría permitir que los atacantes remotos ejecuten código arbitrario utilizando HTTP para descargar software. • https://bugzilla.redhat.com/show_bug.cgi?id=1378043 • CWE-284: Improper Access Control •

CVSS: 8.5EPSS: 2%CPEs: 17EXPL: 0

09 Aug 2018 — A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •

CVSS: 9.1EPSS: 1%CPEs: 3EXPL: 0

10 May 2018 — postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation. postgresql en versiones anteriores a la 10.4 y la 9.6.9 es vulnerable en la extensión adminpack. La función pg_catalog.pg_logfile_rotate() no sigue las mismas lista de control de acceso que pg_rorate_logfile. Si admin... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 2

01 Mar 2018 — A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root. Una condición de carrera en el script init de postgresql podría ser aprovechada por atacantes para acceder a la cuenta postgresql y escalar sus privilegios a root. PostgreSQL version 9.4-0.5.3 suffers from a privilege escalation vulnerability. • https://packetstorm.news/files/id/148884 • CWE-61: UNIX Symbolic Link (Symlink) Following CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 8.1EPSS: 0%CPEs: 53EXPL: 0

09 Nov 2017 — Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory. Las llamadas de función json_populate_recordset o jsonb_populate_recordset inválidas en PostgreSQL en versiones 10.x anteriores a la 10.1; versiones 9.6.x anteriores a la 9.6.6, versiones 9.5.x anteriores a la 9.5.10; versiones 9.4.x anteriores a la 9.4.15... • http://www.securityfocus.com/bid/101781 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •