Vulnerabilities > Postgresql

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-23	CVE-2021-20229	Incorrect Authorization vulnerability in multiple products A flaw was found in PostgreSQL in versions before 13.2. network low complexity postgresql redhat fedoraproject CWE-863	4.0
2020-11-23	CVE-2020-25696	Permissive Whitelist vulnerability in multiple products A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. network high complexity postgresql debian CWE-183	7.5
2020-11-16	CVE-2020-25695	SQL Injection vulnerability in multiple products A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. network low complexity postgresql debian CWE-89	8.8
2020-11-16	CVE-2020-25694	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. network high complexity postgresql debian CWE-327	8.1
2020-09-16	CVE-2020-10733	Untrusted Search Path vulnerability in Postgresql The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. local postgresql CWE-426	4.4
2020-08-24	CVE-2020-14350	Untrusted Search Path vulnerability in multiple products It was found that some PostgreSQL extensions did not use search_path safely in their installation script. local low complexity postgresql debian opensuse canonical CWE-426	7.3
2020-08-24	CVE-2020-14349	Uncontrolled Search Path Element vulnerability in multiple products It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. network high complexity postgresql opensuse CWE-427	7.1
2020-06-04	CVE-2020-13692	XXE vulnerability in multiple products PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. network high complexity postgresql quarkus netapp fedoraproject debian CWE-611	7.7
2020-03-17	CVE-2020-1720	Missing Authorization vulnerability in multiple products A flaw was found in PostgreSQL's "ALTER ... network low complexity postgresql redhat CWE-862	6.5
2020-01-27	CVE-2015-0244	SQL Injection vulnerability in multiple products PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation. network low complexity postgresql debian CWE-89	7.5

Vulnerabilities > Postgresql {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Postgresql"}]}

Vulnerabilities > Postgresql