CVSS: 7.3EPSS: 0%CPEs: 11EXPL: 0CVE-2020-14350 – postgresql: Uncontrolled search path element in CREATE EXTENSION
https://notcve.org/view.php?id=CVE-2020-14350
24 Aug 2020 — It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23. Se detectó que algunas extensiones de PostgreSQL no usaban la función search_path de forma segura en su script de inst... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-20: Improper Input Validation CWE-426: Untrusted Search Path •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14349 – postgresql: Uncontrolled search path element in logical replication
https://notcve.org/view.php?id=CVE-2020-14349
24 Aug 2020 — It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication. Se detectó que las versiones de PostgreSQL anteriores a 12.4, anteriores a 11.9 y anteriores a 10.14, no saneban apropiadamente la función search_path durante la replicación lógica. Un a... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00044.html • CWE-20: Improper Input Validation CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-427: Uncontrolled Search Path Element •
CVSS: 7.7EPSS: 2%CPEs: 6EXPL: 0CVE-2020-13692 – postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML
https://notcve.org/view.php?id=CVE-2020-13692
04 Jun 2020 — PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. PostgreSQL JDBC Driver (también se conoce como PgJDBC) versiones anteriores a 42.2.13, permite un ataque de tipo XXE A flaw was found in PostgreSQL JDBC in versions prior to 42.2.13. An XML External Entity (XXE) weakness was found in PostgreSQL JDBC. The highest threat from this vulnerability is to data confidentiality and system availability. Red Hat Decision Manager is an open source decision management platform that combines business rules ma... • https://github.com/pgjdbc/pgjdbc/commit/14b62aca4764d496813f55a43d050b017e01eb65 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1720 – postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
https://notcve.org/view.php?id=CVE-2020-1720
14 Feb 2020 — A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17. Se detectó un fallo en "ALTER ... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-285: Improper Authorization CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2019-3466 – Ubuntu Security Notice USN-4194-2
https://notcve.org/view.php?id=CVE-2019-3466
15 Nov 2019 — The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. El script pg_ctlcluster en postgresql-common en versiones anteriores a 210, no eliminó los privilegios cuando se crean directorios temporales socket/statistics, lo que podría resultar en una escalada de privilegios local. USN-4194-1 fixed a vulnerability in postgresql-common. This update provides the correspondi... • https://blog.mirch.io/2019/11/15/cve-2019-3466-debian-ubuntu-pg_ctlcluster-privilege-escalation • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10211
https://notcve.org/view.php?id=CVE-2019-10211
29 Oct 2019 — Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory. El instalador de Postgresql Windows anterior a las versiones 11.5, 10.10, 9.6.15, 9.5.19 y 9.4.24, es vulnerable por medio del código de ejecución de OpenSSL integrado desde un directorio desprotegido • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10211 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10210
https://notcve.org/view.php?id=CVE-2019-10210
29 Oct 2019 — Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file. El instalador de Postgresql Windows anterior a las versiones 11.5, 10.10, 9.6.15, 9.5.19 y 9.4.24, es vulnerable por medio de un superusuario al escribir una contraseña en un archivo temporal desprotegido. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10210 • CWE-522: Insufficiently Protected Credentials •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10209 – Ubuntu Security Notice USN-4090-1
https://notcve.org/view.php?id=CVE-2019-10209
09 Aug 2019 — Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan. Postgresql, versiones 11.x anteriores a 11.5, es vulnerable a una divulgación de memoria en comparación de tipo cruzada para un subplan de hash. Tom Lane discovered that PostgreSQL did not properly restrict functions declared as "SECURITY DEFINER". An attacker could use this to execute arbitrary SQL with the permissions of the function owner. Andreas Seltenreich discovered that PostgreSQL... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10209 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-10208 – postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution
https://notcve.org/view.php?id=CVE-2019-10208
09 Aug 2019 — A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. Se descubrió un fallo en postgresql versiones 9.4.x en versiones anteriores a la 9.4.24, versiones 9.5.x en versiones anteriores a la 9.5.19, versiones 9.6.x en ver... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 5%CPEs: 7EXPL: 0CVE-2019-10164 – postgresql: Stack-based buffer overflow via setting a password
https://notcve.org/view.php?id=CVE-2019-10164
20 Jun 2019 — PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account. Las versiones 10.x de PostgreSQL anteriores a 10.9 y 11.x anteriores a 11.4 son vulnerables a un desbordamiento de búfer basado en pilas. Cualquier usuario autenticado puede desbordar u... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00035.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •