Vulnerabilities > Postgresql > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-03 | CVE-2022-41862 | In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. | 3.7 |
| 2021-04-01 | CVE-2021-3393 | Information Exposure Through an Error Message vulnerability in multiple products An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. | 3.5 |
| 2019-10-29 | CVE-2019-10209 | Out-of-bounds Read vulnerability in Postgresql Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan. | 3.5 |
| 2018-02-09 | CVE-2018-1053 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. | 3.3 |
| 2006-02-14 | CVE-2006-0678 | Denial of Service vulnerability in PostgreSQL Set Session Authorization PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, when compiled with Asserts enabled, allows local users to cause a denial of service (server crash) via a crafted SET SESSION AUTHORIZATION command, a different vulnerability than CVE-2006-0553. local postgresql | 1.5 |
| 2005-05-03 | CVE-2005-1410 | The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments. | 2.1 |
| 1999-12-02 | CVE-1999-0862 | Unspecified vulnerability in Postgresql 6.3.2/6.5.3/6.5.3.1 Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file. | 2.1 |