CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14349 – postgresql: Uncontrolled search path element in logical replication
https://notcve.org/view.php?id=CVE-2020-14349
24 Aug 2020 — It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. Se detectó que las versiones de PostgreSQL anteriores a 12.4, anteriores a 11.9 y anteriores a 10.14, no saneban apropiadamente la función search_path durante la replicación lógica. Un a... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00044.html • CWE-20: Improper Input Validation CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-427: Uncontrolled Search Path Element •
CVSS: 7.7EPSS: 2%CPEs: 6EXPL: 0CVE-2020-13692 – postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML
https://notcve.org/view.php?id=CVE-2020-13692
04 Jun 2020 — PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. PostgreSQL JDBC Driver (también se conoce como PgJDBC) versiones anteriores a 42.2.13, permite un ataque de tipo XXE A flaw was found in PostgreSQL JDBC in versions prior to 42.2.13. An XML External Entity (XXE) weakness was found in PostgreSQL JDBC. The highest threat from this vulnerability is to data confidentiality and system availability. Red Hat Decision Manager is an open source decision management platform that combines business rules ma... • https://github.com/pgjdbc/pgjdbc/commit/14b62aca4764d496813f55a43d050b017e01eb65 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1720 – postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
https://notcve.org/view.php?id=CVE-2020-1720
14 Feb 2020 — A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17. Se detectó un fallo en "ALTER ... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-285: Improper Authorization CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2019-3466 – Ubuntu Security Notice USN-4194-2
https://notcve.org/view.php?id=CVE-2019-3466
15 Nov 2019 — The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. El script pg_ctlcluster en postgresql-common en versiones anteriores a 210, no eliminó los privilegios cuando se crean directorios temporales socket/statistics, lo que podría resultar en una escalada de privilegios local. USN-4194-1 fixed a vulnerability in postgresql-common. This update provides the correspondi... • https://blog.mirch.io/2019/11/15/cve-2019-3466-debian-ubuntu-pg_ctlcluster-privilege-escalation • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10211
https://notcve.org/view.php?id=CVE-2019-10211
29 Oct 2019 — Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory. El instalador de Postgresql Windows anterior a las versiones 11.5, 10.10, 9.6.15, 9.5.19 y 9.4.24, es vulnerable por medio del código de ejecución de OpenSSL integrado desde un directorio desprotegido • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10211 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10210
https://notcve.org/view.php?id=CVE-2019-10210
29 Oct 2019 — Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file. El instalador de Postgresql Windows anterior a las versiones 11.5, 10.10, 9.6.15, 9.5.19 y 9.4.24, es vulnerable por medio de un superusuario al escribir una contraseña en un archivo temporal desprotegido. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10210 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-10208 – postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution
https://notcve.org/view.php?id=CVE-2019-10208
09 Aug 2019 — A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. Se descubrió un fallo en postgresql versiones 9.4.x en versiones anteriores a la 9.4.24, versiones 9.5.x en versiones anteriores a la 9.5.19, versiones 9.6.x en ver... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 5%CPEs: 7EXPL: 0CVE-2019-10164 – postgresql: Stack-based buffer overflow via setting a password
https://notcve.org/view.php?id=CVE-2019-10164
20 Jun 2019 — PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account. Las versiones 10.x de PostgreSQL anteriores a 10.9 y 11.x anteriores a 11.4 son vulnerables a un desbordamiento de búfer basado en pilas. Cualquier usuario autenticado puede desbordar u... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00035.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-10130 – postgresql: Selectivity estimators bypass row security policies
https://notcve.org/view.php?id=CVE-2019-10130
09 May 2019 — A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain column... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 93%CPEs: 1EXPL: 13CVE-2019-9193 – PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution
https://notcve.org/view.php?id=CVE-2019-9193
01 Apr 2019 — In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in ... • https://packetstorm.news/files/id/171722 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •