Vulnerabilities > Postgresql > Postgresql > 12.19

DATE CVE VULNERABILITY TITLE RISK
2024-11-14 CVE-2024-10976 Unspecified vulnerability in Postgresql
Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended.
network
low complexity
postgresql
5.4
2024-11-14 CVE-2024-10977 Insufficient Verification of Data Authenticity vulnerability in Postgresql
Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application.
network
high complexity
postgresql CWE-345
3.7
2024-11-14 CVE-2024-10978 Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended.
network
high complexity
postgresql debian
4.2
2024-11-14 CVE-2024-10979 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Postgresql
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g.
network
low complexity
postgresql CWE-610
8.8
2024-08-08 CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Postgresql
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser.
network
high complexity
postgresql CWE-367
7.5