Page 4 of 54 results (0.010 seconds)

CVSS: 8.5EPSS: 1%CPEs: 47EXPL: 0

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. PostgreSQL en versiones anteriores a 9.1.23, 9.2.x en versiones anteriores a 9.2.18, 9.3.x en versiones anteriores a 9.3.14, 9.4.x en versiones anteriores a 9.4.9 y 9.5.x en versiones anteriores a 9.5.4 permiten a usuarios remotos autenticados provocar una denegación de servicio (referencia a puntero NULL y caída del servidor), obtener información de memoria sensible, o posiblemente ejecutar código arbitrario a través de (1) una expresión CASE dentro de la subexpresión de valor de prueba de otro CASE o (2) el inicio de una función SQL que implementa el operador de igualdad utilizado para una expresión CASE que implica valores de diferentes tipos. A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code. • http://rhn.redhat.com/errata/RHSA-2016-1781.html http://rhn.redhat.com/errata/RHSA-2016-1820.html http://rhn.redhat.com/errata/RHSA-2016-1821.html http://rhn.redhat.com/errata/RHSA-2016-2606.html http://www.debian.org/security/2016/dsa-3646 http://www.securityfocus.com/bid/92433 http://www.securitytracker.com/id/1036617 https://access.redhat.com/errata/RHSA-2017:2425 https://bugzilla.redhat.com/show_bug.cgi?id=1364001 https://security.gentoo.org/glsa/201701-33 • CWE-476: NULL Pointer Dereference CWE-822: Untrusted Pointer Dereference •

CVSS: 7.5EPSS: 21%CPEs: 28EXPL: 0

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression. PostgreSQL en versiones anteriores a 9.1.20, 9.2.x en versiones anteriores a 9.2.15, 9.3.x en versiones anteriores a 9.3.11, 9.4.x en versiones anteriores a 9.4.6 y 9.5.x en versiones anteriores a 9.5.1 permite a atacantes remotos provocar una denegación de servicio (bucle infinito o desbordamiento de buffer y caída) a través de un amplio rango de caracteres Unicode en una expresión regular. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html http://lists.opensuse.org/opensuse-security-announce& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 6.4EPSS: 2%CPEs: 49EXPL: 0

The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt. La función crypt en contrib/pgcrypto en PostgreSQL en versiones anteriores a 9.0.23, 9.1.x en versiones anteriores a 9.1.19, 9.2.x en versiones anteriores a 9.2.14, 9.3.x en versiones anteriores a 9.3.10 y 9.4.x en versiones anteriores a 9.4.5 permite a atacantes provocar una denegación de servicio (caída del servidor) o leer la memoria del servidor arbitrariamente a través de un salt 'too-short'. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172316.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169094.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00033.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00040.html http://www.debian.org/security/2015/dsa-3374 http://www.debian.org/security/2016/dsa-3475 http://www.oracle.com/technetwork/top • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 8%CPEs: 44EXPL: 0

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence. Vulnerabilidad de doble liberación en PostgreSQL anterior a 9.0.20, 9.1.x anterior a 9.1.16, 9.2.x anterior a 9.2.11, 9.3.x anterior a 9.3.7, y 9.4.x anterior a 9.4.2 permite a atacantes remotos causar una denegación de servicio (caída) mediante el cierre de una sesión SSL en un momento cuando el fin de sesión de la autenticación caducará durante la secuencia del cierre de sesión. A double-free flaw was found in the way PostgreSQL handled connections. An unauthenticated attacker could possibly exploit this flaw to crash the PostgreSQL backend by disconnecting at approximately the same time as the authentication time out was triggered. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://rhn.redhat.com/errata/RHSA-2015-1194.html http://rhn.redhat.com/errata/RHSA-2015-1195.html http://rhn.redhat.com/errata/RHSA-2015-1196.html http://www.debian.org/security/2015/dsa-3269 http://www.debian.org/security/2015/dsa-3270 http://www.postgresql.org/about/news/1587 http://www.postgresql.org/docs/9.0/static/release-9-0-20.html http://www.postgresql.org/docs/9.1/static • CWE-416: Use After Free •

CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0

The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error. La implementación de snprintf en PostgreSQL versiones anteriores a 9.0.20, versiones 9.1.x anteriores a 9.1.16, versiones 9.2.x anteriores a 9.2.11, versiones 9.3.x anteriores a 9.3.7 y versiones 9.4.x anteriores a 9.4.2, no maneja apropiadamente los errores de llamadas al sistema , lo que permite a atacantes obtener información confidencial o tener otro impacto no especificado por medio de vectores desconocidos, como es demostrado por un error fuera de la memoria. It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system was in a state that would cause the standard library functions to fail (for example, memory exhaustion), an authenticated user could possibly exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file. • http://ubuntu.com/usn/usn-2621-1 http://www.debian.org/security/2015/dsa-3269 http://www.debian.org/security/2015/dsa-3270 http://www.postgresql.org/about/news/1587 http://www.postgresql.org/docs/9.0/static/release-9-0-20.html http://www.postgresql.org/docs/9.1/static/release-9-1-16.html http://www.postgresql.org/docs/9.2/static/release-9-2-11.html http://www.postgresql.org/docs/9.3/static/release-9-3-7.html http://www.postgresql.org/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-391: Unchecked Error Condition •