CVSS: 8.1EPSS: 0%CPEs: 12EXPL: 0CVE-2021-23214 – postgresql: server processes unencrypted bytes from man-in-the-middle
https://notcve.org/view.php?id=CVE-2021-23214
12 Nov 2021 — When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. Cuando el servidor está configurado para usar la autenticación confiable con un requisito de clientcert o para usar la autenticación de cert, un atacante de tipo man-in-the-middle puede inyectar consultas SQL arbitrarias cuando... • https://bugzilla.redhat.com/show_bug.cgi?id=2022666 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-10128
https://notcve.org/view.php?id=CVE-2019-10128
19 Mar 2021 — A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows accoun... • https://bugzilla.redhat.com/show_bug.cgi?id=1707102 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10127
https://notcve.org/view.php?id=CVE-2019-10127
19 Mar 2021 — A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. An attacker having only the unprivileged Windows account can read arbit... • https://bugzilla.redhat.com/show_bug.cgi?id=1707098 • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3393 – postgresql: Partition constraint violation errors leak values of denied columns
https://notcve.org/view.php?id=CVE-2021-3393
15 Feb 2021 — An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read. Se detectó un filtrado de información en postgresql en versiones anteriores a 13.2, versiones anteriore... • https://bugzilla.redhat.com/show_bug.cgi?id=1924005 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-25695 – postgresql: Multiple features escape "security restricted operation" sandbox
https://notcve.org/view.php?id=CVE-2020-25695
16 Nov 2020 — A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en PostgreSQL versiones anteriores a 13.1, anteriores a 12.5, anteriores a 11.10, anteriores... • https://bugzilla.redhat.com/show_bug.cgi?id=1894425 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2020-25694 – postgresql: Reconnection can downgrade connection security settings
https://notcve.org/view.php?id=CVE-2020-25694
16 Nov 2020 — A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.... • https://bugzilla.redhat.com/show_bug.cgi?id=1894423 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10211
https://notcve.org/view.php?id=CVE-2019-10211
29 Oct 2019 — Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory. El instalador de Postgresql Windows anterior a las versiones 11.5, 10.10, 9.6.15, 9.5.19 y 9.4.24, es vulnerable por medio del código de ejecución de OpenSSL integrado desde un directorio desprotegido • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10211 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10210
https://notcve.org/view.php?id=CVE-2019-10210
29 Oct 2019 — Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file. El instalador de Postgresql Windows anterior a las versiones 11.5, 10.10, 9.6.15, 9.5.19 y 9.4.24, es vulnerable por medio de un superusuario al escribir una contraseña en un archivo temporal desprotegido. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10210 • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.0EPSS: 97%CPEs: 1EXPL: 13CVE-2019-9193 – PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution
https://notcve.org/view.php?id=CVE-2019-9193
01 Apr 2019 — In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in ... • https://packetstorm.news/files/id/171722 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.3EPSS: 1%CPEs: 5EXPL: 0CVE-2016-7048
https://notcve.org/view.php?id=CVE-2016-7048
20 Aug 2018 — The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software. El instalador interactivo en PostgreSQL en versiones anteriores a la 9.3.15, 9.4.x anteriores a la 9.4.10 y 9.5.x anteriores a la 9.5.5 podría permitir que los atacantes remotos ejecuten código arbitrario utilizando HTTP para descargar software. • https://bugzilla.redhat.com/show_bug.cgi?id=1378043 • CWE-284: Improper Access Control •