Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-10	CVE-2023-5868	A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. network low complexity postgresql redhat	4.3
2023-12-10	CVE-2023-5870	A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. network high complexity postgresql redhat	4.4
2023-08-22	CVE-2020-21469	Classic Buffer Overflow vulnerability in Postgresql 12.2 An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals. local low complexity postgresql CWE-120	4.4
2023-08-11	CVE-2023-39418	A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. network low complexity postgresql redhat debian	4.3
2023-06-09	CVE-2023-2455	Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. network low complexity postgresql redhat fedoraproject	5.4
2022-08-25	CVE-2021-43767	Improper Certificate Validation vulnerability in Postgresql Odyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is configured to use the PostgreSQL server using 'trust' authentication with a 'clientcert' requirement or to use 'cert' authentication, a man-in-the-middle attacker can inject false responses to the client's first few queries. network high complexity postgresql CWE-295	5.9
2022-03-02	CVE-2021-23222	Insufficiently Protected Credentials vulnerability in Postgresql A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. network high complexity postgresql CWE-522	5.9
2022-03-02	CVE-2021-3677	Information Exposure vulnerability in multiple products A flaw was found in postgresql. network low complexity postgresql redhat fedoraproject CWE-200	6.5
2021-10-11	CVE-2021-32028	Unspecified vulnerability in Postgresql A flaw was found in postgresql. network low complexity postgresql	6.5
2021-10-08	CVE-2021-32029	Out-of-bounds Read vulnerability in multiple products A flaw was found in postgresql. network low complexity postgresql redhat CWE-125	6.5