CVSS: 7.5EPSS: 0%CPEs: 40EXPL: 0CVE-2017-7484 – postgresql: Selectivity estimators bypass SELECT privilege checks
https://notcve.org/view.php?id=CVE-2017-7484
12 May 2017 — It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access. Se ha descubierto que algunas funciones de estimación de selectividad en PostgreSQL, en versiones anteriores ... • http://www.debian.org/security/2017/dsa-3851 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 134EXPL: 0CVE-2017-7486 – postgresql: pg_user_mappings view discloses foreign server passwords
https://notcve.org/view.php?id=CVE-2017-7486
12 May 2017 — PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. Las versiones 8.4 a 9.6 de PostgreSQL son vulnerables a un filtrado de información en la vista pg_user_mappings que revela contraseñas de servidores extranjeros a cualquier usuario que tenga privilegio USAGE en el servidor extranjero asociado. It was found that the pg_user_mappings view could disclose informati... • http://www.debian.org/security/2017/dsa-3851 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization CWE-522: Insufficiently Protected Credentials •
CVSS: 7.6EPSS: 2%CPEs: 47EXPL: 0CVE-2016-5424 – postgresql: privilege escalation via crafted database and role names
https://notcve.org/view.php?id=CVE-2016-5424
12 Aug 2016 — PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation. PostgreSQL en versiones anteriores a 9.1.23, 9.2.x en versiones anteriores a 9.2.18, 9.3.x en versiones anteriore... • http://rhn.redhat.com/errata/RHSA-2016-1781.html • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.5EPSS: 0%CPEs: 47EXPL: 0CVE-2016-5423 – postgresql: CASE/WHEN with inlining can cause untrusted pointer dereference
https://notcve.org/view.php?id=CVE-2016-5423
12 Aug 2016 — PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. Postgre... • http://rhn.redhat.com/errata/RHSA-2016-1781.html • CWE-476: NULL Pointer Dereference CWE-822: Untrusted Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2193
https://notcve.org/view.php?id=CVE-2016-2193
11 Apr 2016 — PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role. PostgreSQL en versiones anteriores a 9.5.x en versiones anteriores a 9.5.2 no mantiene correctamente el estado de seguridad en fila en planos cacheados, lo que podría permitir a atacantes eludir las restricciones destinadas al acceso aprovechando una sesión que realiza consu... • http://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commitdiff%3Bh=db69e58a0642ef7fa46d62f6c4cf2460c3a1b41b • CWE-254: 7PK - Security Features •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3065
https://notcve.org/view.php?id=CVE-2016-3065
11 Apr 2016 — The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page. Las funciones (1) brin_page_type y (2) brin_metapage_info en la extensión pageinspect en PostgreSQL en versiones anteriores a 9.5.x en versiones anteriores a 9.5.2 permite a a... • http://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commitdiff%3Bh=bf78a6f107949fdfb513d1b45e30cefe04e09e4f • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 0CVE-2016-0766 – Gentoo Linux Security Advisory 201701-33
https://notcve.org/view.php?id=CVE-2016-0766
12 Feb 2016 — PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors. PostgreSQL en versiones anteriores a 9.1.20, 9.2.x en versiones anteriores a 9.2.15, 9.3.x en versiones anteriores a 9.3.11, 9.4.x en versiones anteriores a 9.4.6 y 9.5.x en versiones anteriores a 9.5.1 no restringe adecuadamente el ac... • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 20%CPEs: 28EXPL: 0CVE-2016-0773 – postgresql: case insensitive range handling integer overflow leading to buffer overflow
https://notcve.org/view.php?id=CVE-2016-0773
12 Feb 2016 — PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression. PostgreSQL en versiones anteriores a 9.1.20, 9.2.x en versiones anteriores a 9.2.15, 9.3.x en versiones anteriores a 9.3.11, 9.4.x en versiones anteriores a 9.4.6 y 9.5.x en versiones anteriores a 9.5.1 permite a atacantes remotos provocar un... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 2%CPEs: 49EXPL: 0CVE-2015-5288 – postgresql: limited memory disclosure flaw in crypt()
https://notcve.org/view.php?id=CVE-2015-5288
16 Oct 2015 — The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt. La función crypt en contrib/pgcrypto en PostgreSQL en versiones anteriores a 9.0.23, 9.1.x en versiones anteriores a 9.1.19, 9.2.x en versiones anteriores a 9.2.14, 9.3.x en versiones anteriores a 9.3.10 y 9.4.x en versiones anteriores a 9.4... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172316.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 2%CPEs: 7EXPL: 0CVE-2015-5289 – postgresql: stack overflow DoS when parsing json or jsonb inputs
https://notcve.org/view.php?id=CVE-2015-5289
16 Oct 2015 — Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values. Múltiple desbordamiento de buffer basado en pila en el análisis gramatical de json en PostgreSQL en versiones anteriores a 9.3.x en versiones anteriores a 9.3.10 y 9.4.x en versiones anteriores a 9.4.5 permite a atacantes provocar una denegación... • http://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commit%3Bh=08fa47c4850cea32c3116665975bca219fbf2fe6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-674: Uncontrolled Recursion •