VYPR

PostgreSQL

by PostgreSQL

Source repositories

CVEs (179)

  • CVE-2017-7484HigMay 12, 2017
    risk 0.49cvss 7.5epss 0.03

    It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information.…

  • CVE-2016-2193HigApr 11, 2016
    risk 0.49cvss 7.5epss 0.02

    PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role.

  • CVE-2016-0773HigFeb 17, 2016
    risk 0.49cvss 7.5epss 0.07

    PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.

  • CVE-2002-1657HigDec 31, 2002
    risk 0.49cvss 7.5epss 0.01

    PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.

  • CVE-2016-5424HigDec 9, 2016
    risk 0.47cvss 7.1epss 0.05

    PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage…

  • CVE-2018-1053HigFeb 9, 2018
    risk 0.46cvss 7.0epss 0.00

    In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade,…

  • CVE-2017-12172MedNov 22, 2017
    risk 0.44cvss 6.7epss 0.01

    PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account.…

  • CVE-2017-15099MedNov 22, 2017
    risk 0.43cvss 6.5epss 0.06

    INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT…

  • CVE-2026-6479HigMay 14, 2026
    risk 0.42cvss 7.5epss 0.00

    Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions…

  • CVE-2018-1052MedFeb 9, 2018
    risk 0.42cvss 6.5epss 0.02

    Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table.

  • CVE-2012-3489MedOct 3, 2012
    risk 0.42cvss 6.5epss 0.03

    The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file…

  • CVE-2026-6476HigMay 14, 2026
    risk 0.40cvss 7.2epss 0.00

    SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and…

  • CVE-2017-7485MedMay 12, 2017
    risk 0.39cvss 5.9epss 0.02

    In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this…

  • CVE-2025-12818MedNov 13, 2025
    risk 0.38cvss 5.9epss 0.00

    Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application…

  • CVE-2025-4207MedMay 8, 2025
    risk 0.38cvss 5.9epss 0.01

    Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL…

  • CVE-2017-8806MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.00

    The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local…

  • CVE-2026-6478MedMay 14, 2026
    risk 0.35cvss 6.5epss 0.00

    Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 passwords, the default in all supported releases. However, current databases…

  • CVE-2026-6575MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintainer to infer memory values past that array end. Within major version 18, minor…

  • CVE-2026-6472MedMay 14, 2026
    risk 0.28cvss 5.4epss 0.00

    Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. …

  • CVE-2026-6474MedMay 14, 2026
    risk 0.21cvss 4.3epss 0.00

    Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

Page 2 of 9