The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of PostgreSQL

PostgreSQL: code execution via CREATE EXTENSION
An attacker can use a vulnerability via CREATE EXTENSION of PostgreSQL, in order to run code...
CERTFR-2020-AVI-510, CVE-2020-14350, DLA-2331-1, openSUSE-SU-2020:1227-1, openSUSE-SU-2020:1228-1, openSUSE-SU-2020:1243-1, openSUSE-SU-2020:1244-1, openSUSE-SU-2020:1312-1, openSUSE-SU-2020:1326-1, RHSA-2020:3669-01, RHSA-2020:4295-01, SUSE-SU-2020:2264-1, SUSE-SU-2020:2265-1, SUSE-SU-2020:2271-1, SUSE-SU-2020:2355-1, USN-4472-1, VIGILANCE-VUL-33076
PostgreSQL: code execution via Search Path Element
An attacker can use a vulnerability via Search Path Element of PostgreSQL, in order to run code...
CVE-2020-14349, openSUSE-SU-2020:1228-1, openSUSE-SU-2020:1243-1, openSUSE-SU-2020:1244-1, openSUSE-SU-2020:1312-1, openSUSE-SU-2020:1326-1, RHSA-2020:3669-01, SUSE-SU-2020:2264-1, SUSE-SU-2020:2265-1, SUSE-SU-2020:2271-1, SUSE-SU-2020:2355-1, USN-4472-1, VIGILANCE-VUL-33075
PostgreSQL on Windows: executing code
An attacker can create a malicious program named as a system provided program, to make it run via the PostgreSQL installer...
CERTFR-2020-AVI-293, CVE-2020-10733, VIGILANCE-VUL-32276
PostgreSQL: denial of service via ALTER DEPENDS ON EXTENSION
An attacker can trigger a fatal error via ALTER DEPENDS ON EXTENSION of PostgreSQL, in order to trigger a denial of service...
CERTFR-2020-AVI-091, CVE-2020-1720, DLA-2105-1, DSA-4622-1, DSA-4623-1, openSUSE-SU-2020:0331-1, openSUSE-SU-2020:1227-1, RHSA-2020:0980-01, RHSA-2020:3669-01, RHSA-2020:4295-01, SUSE-SU-2020:0586-1, SUSE-SU-2020:0589-1, SUSE-SU-2020:0715-1, SUSE-SU-2020:0752-1, SUSE-SU-2020:2149-1, USN-4282-1, VIGILANCE-VUL-31598
PostgreSQL: four vulnerabilities
An attacker can use several vulnerabilities of PostgreSQL...
CVE-2019-10208, CVE-2019-10209, CVE-2019-10210, CVE-2019-10211, DLA-1874-1, DSA-4492-1, DSA-4493-1, openSUSE-SU-2019:2062-1, openSUSE-SU-2020:1227-1, RHSA-2020:3669-01, RHSA-2020:4295-01, SUSE-SU-2019:2158-1, SUSE-SU-2019:2159-1, SUSE-SU-2019:2228-1, SUSE-SU-2019:2707-1, USN-4090-1, VIGILANCE-VUL-29986
PostgreSQL: buffer overflow via Password Change
An attacker can trigger a buffer overflow via Password Change of PostgreSQL, in order to trigger a denial of service, and possibly to run code...
CVE-2019-10164, openSUSE-SU-2019:1773-1, RHSA-2020:0980-01, RHSA-2020:3669-01, SUSE-SU-2019:1783-1, SUSE-SU-2019:1783-2, SUSE-SU-2019:1810-1, USN-4027-1, VIGILANCE-VUL-29583
PostgreSQL: information disclosure via INSERT requests
A local attacker can read a memory fragment via INSERT of PostgreSQL, in order to obtain sensitive information...
CVE-2019-10129, USN-3972-1, VIGILANCE-VUL-29263
PostgreSQL: information disclosure via indexes
An attacker can use some operators in a SQL request to PostgreSQL, in order to obtain retrieve some values from a forbidden column...
CVE-2019-10130, DSA-4439-1, openSUSE-SU-2019:1578-1, openSUSE-SU-2019:1668-1, openSUSE-SU-2019:1773-1, openSUSE-SU-2020:1227-1, RHSA-2020:3669-01, RHSA-2020:4295-01, SUSE-SU-2019:1511-1, SUSE-SU-2019:1687-1, SUSE-SU-2019:1810-1, USN-3972-1, VIGILANCE-VUL-29262
PostgreSQL: privilege escalation via the Windows installer
The PostgreSQL installer for MS-Windows does not rightly define some permissions...
CVE-2019-10127, CVE-2019-10128, DLA-1784-1, VIGILANCE-VUL-29264
PostgreSQL: code execution via COPY TO/FROM PROGRAM
An attacker can use a vulnerability via COPY TO/FROM PROGRAM of PostgreSQL, in order to run code...
CERTFR-2020-AVI-395, CVE-2019-9193, FG-IR-19-294, VIGILANCE-VUL-28918
Our database contains other pages. You can request a free trial to read them.

Display information about PostgreSQL: