This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Postgresql First view 2007-04-24
Product Postgresql Last view 2020-09-16
Version 7.3.21 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:postgresql:postgresql

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.3 2020-09-16 CVE-2020-10733

The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add files into one of those directories can use this to execute arbitrary code with the installer's administrative rights.

7.3 2020-08-24 CVE-2020-14350

It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23.

7.1 2020-08-24 CVE-2020-14349

It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication.

6.5 2020-03-17 CVE-2020-1720

A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.

9.8 2020-01-27 CVE-2015-0244

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation.

8.8 2020-01-27 CVE-2015-0243

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

8.8 2020-01-27 CVE-2015-0242

Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a floating point number with a large precision, as demonstrated by using the to_char function.

8.8 2020-01-27 CVE-2015-0241

The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.

4.3 2020-01-27 CVE-2014-8161

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.

7.5 2019-11-20 CVE-2015-3167

contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.

9.8 2019-11-20 CVE-2015-3166

The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.

9.8 2019-10-29 CVE-2019-10211

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.

7 2019-10-29 CVE-2019-10210

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file.

2.2 2019-10-29 CVE-2019-10209

Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.

8.8 2019-10-29 CVE-2019-10208

A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.

4.3 2019-07-30 CVE-2019-10130

A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17. PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker.

6.5 2019-07-30 CVE-2019-10129

A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052).

8.8 2019-06-26 CVE-2019-10164

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.

7.2 2019-04-01 CVE-2019-9193

** DISPUTED ** In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in PostgreSQL, a superuser can execute commands as the server user without using the ‘COPY FROM PROGRAM’.

9.8 2018-11-13 CVE-2018-16850

postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.

8.1 2018-08-20 CVE-2016-7048

The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software.

8.1 2018-08-09 CVE-2018-10925

It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they could exploit this to update other columns in the same table.

7.5 2018-08-09 CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.

9.1 2018-05-10 CVE-2018-1115

postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.

8.8 2018-03-02 CVE-2018-1058

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.

CWE : Common Weakness Enumeration

%idName
13% (6) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
11% (5) CWE-264 Permissions, Privileges, and Access Controls
11% (5) CWE-200 Information Exposure
11% (5) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
6% (3) CWE-284 Access Control (Authorization) Issues
6% (3) CWE-20 Improper Input Validation
4% (2) CWE-732 Incorrect Permission Assignment for Critical Resource
4% (2) CWE-426 Untrusted Search Path
4% (2) CWE-362 Race Condition
4% (2) CWE-189 Numeric Errors
4% (2) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
2% (1) CWE-787 Out-of-bounds Write
2% (1) CWE-476 NULL Pointer Dereference
2% (1) CWE-427 Uncontrolled Search Path Element
2% (1) CWE-399 Resource Management Errors
2% (1) CWE-209 Information Exposure Through an Error Message
2% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
2% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...

Open Source Vulnerability Database (OSVDB)

id Description
63208 PostgreSQL src/backend/executor/nodeHash.c SELECT Statement Overflow DoS
40905 TCL in PostgreSQL Crafted Regexp Infinite Loop Remote DoS
34903 PostgreSQL SECURITY DEFINER Functions Search Path Subversion Local Privilege ...

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-22 (postgresql-server postgresql-base)
File : nvt/glsa_201110_22.nasl
2011-08-09 Name : CentOS Update for postgresql CESA-2010:0429 centos5 i386
File : nvt/gb_CESA-2010_0429_postgresql_centos5_i386.nasl
2010-05-28 Name : RedHat Update for postgresql RHSA-2010:0429-01
File : nvt/gb_RHSA-2010_0429-01_postgresql.nasl
2010-05-28 Name : RedHat Update for postgresql RHSA-2010:0428-01
File : nvt/gb_RHSA-2010_0428-01_postgresql.nasl
2010-05-28 Name : RedHat Update for postgresql RHSA-2010:0427-01
File : nvt/gb_RHSA-2010_0427-01_postgresql.nasl
2010-05-28 Name : CentOS Update for postgresql CESA-2010:0428 centos4 i386
File : nvt/gb_CESA-2010_0428_postgresql_centos4_i386.nasl
2010-05-28 Name : CentOS Update for rh-postgresql CESA-2010:0427 centos3 i386
File : nvt/gb_CESA-2010_0427_rh-postgresql_centos3_i386.nasl
2010-03-30 Name : PostgreSQL Hash Table Integer Overflow Vulnerability
File : nvt/secpod_postgresql_int_overflow_vuln.nasl
2009-10-13 Name : SLES10: Security update for PostgreSQL
File : nvt/sles10_postgresql1.nasl
2009-10-10 Name : SLES9: Security update for postgresql
File : nvt/sles9p5021809.nasl
2009-04-09 Name : Mandriva Update for postgresql MDKSA-2007:094 (postgresql)
File : nvt/gb_mandriva_MDKSA_2007_094.nasl
2009-04-09 Name : Mandriva Update for postgresql MDVSA-2008:004 (postgresql)
File : nvt/gb_mandriva_MDVSA_2008_004.nasl
2009-04-09 Name : Mandriva Update for tcl MDVSA-2008:059 (tcl)
File : nvt/gb_mandriva_MDVSA_2008_059.nasl
2009-03-23 Name : Ubuntu Update for postgresql vulnerabilities USN-568-1
File : nvt/gb_ubuntu_USN_568_1.nasl
2009-03-23 Name : Ubuntu Update for postgresql-8.1, postgresql-8.2 vulnerability USN-454-1
File : nvt/gb_ubuntu_USN_454_1.nasl
2009-03-06 Name : RedHat Update for postgresql RHSA-2008:0038-01
File : nvt/gb_RHSA-2008_0038-01_postgresql.nasl
2009-03-06 Name : RedHat Update for tcltk RHSA-2008:0134-01
File : nvt/gb_RHSA-2008_0134-01_tcltk.nasl
2009-02-27 Name : CentOS Update for expect CESA-2008:0134 centos3 i386
File : nvt/gb_CESA-2008_0134_expect_centos3_i386.nasl
2009-02-27 Name : CentOS Update for tcltk CESA-2008:0134-01 centos2 i386
File : nvt/gb_CESA-2008_0134-01_tcltk_centos2_i386.nasl
2009-02-27 Name : CentOS Update for postgresql CESA-2008:0038 centos4 x86_64
File : nvt/gb_CESA-2008_0038_postgresql_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for postgresql CESA-2008:0038 centos4 i386
File : nvt/gb_CESA-2008_0038_postgresql_centos4_i386.nasl
2009-02-27 Name : Fedora Update for postgresql FEDORA-2007-0174
File : nvt/gb_fedora_2007_0174_postgresql_fc7.nasl
2009-02-27 Name : Fedora Update for postgresql FEDORA-2007-565
File : nvt/gb_fedora_2007_565_postgresql_fc6.nasl
2009-02-27 Name : Fedora Update for postgresql FEDORA-2007-566
File : nvt/gb_fedora_2007_566_postgresql_fc5.nasl
2009-02-27 Name : CentOS Update for expect CESA-2008:0134 centos3 x86_64
File : nvt/gb_CESA-2008_0134_expect_centos3_x86_64.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-B-0068 Multiple Vulnerabilities in PostgreSQL
Severity: Category I - VMSKEY: V0060809
2014-B-0022 Multiple Vulnerabilities in PostgreSQL
Severity: Category I - VMSKEY: V0044531

Snort® IPS/IDS

Date Description
2019-12-03 PostgreSQL SCRAM authentication stack buffer overflow attempt
RuleID : 52039 - Type : SERVER-OTHER - Revision : 1
2019-12-03 PostgreSQL SCRAM authentication stack buffer overflow attempt
RuleID : 52038 - Type : SERVER-OTHER - Revision : 1
2019-09-17 PostgreSQL interval stack buffer overflow attempt
RuleID : 51046 - Type : SERVER-OTHER - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-08550a9006.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-5d1f7bd2d7.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1117.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1118.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1119.nasl - Type: ACT_GATHER_INFO
2018-12-03 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201811-24.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_1c27a706e3aa11e8b77a6cc21735f730.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201810-08.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1311.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1312.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1080.nasl - Type: ACT_GATHER_INFO
2018-09-20 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1079.nasl - Type: ACT_GATHER_INFO
2018-09-20 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1080.nasl - Type: ACT_GATHER_INFO
2018-09-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1074.nasl - Type: ACT_GATHER_INFO
2018-08-31 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0178.nasl - Type: ACT_GATHER_INFO
2018-08-31 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0087.nasl - Type: ACT_GATHER_INFO
2018-08-29 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2557.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2016-0015.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0108.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0122.nasl - Type: ACT_GATHER_INFO
2018-08-16 Name: The remote Debian host is missing a security update.
File: debian_DLA-1464.nasl - Type: ACT_GATHER_INFO
2018-08-16 Name: The remote Fedora host is missing a security update.
File: fedora_2018-d8f5aea89d.nasl - Type: ACT_GATHER_INFO
2018-08-13 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4269.nasl - Type: ACT_GATHER_INFO
2018-08-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_96eab8749c7911e8b34b6cc21735f730.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0016.nasl - Type: ACT_GATHER_INFO