Vulnerabilities > Postgresql > Postgresql > 9.3.23

DATE CVE VULNERABILITY TITLE RISK
2018-05-10 CVE-2018-1115 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile.
network
low complexity
postgresql opensuse CWE-732
critical
 9.1
9.1
2018-03-01 CVE-2017-14798 Race Condition vulnerability in multiple products
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
local
high complexity
postgresql suse CWE-362
7.0
7.0