Vulnerabilities > Postgresql > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-02 CVE-2021-3677 A flaw was found in postgresql.
network
low complexity
postgresql redhat fedoraproject
6.5
2021-10-11 CVE-2021-32028 Unspecified vulnerability in Postgresql
A flaw was found in postgresql.
network
low complexity
postgresql
6.5
2021-10-08 CVE-2021-32029 Out-of-bounds Read vulnerability in multiple products
A flaw was found in postgresql.
network
low complexity
postgresql redhat CWE-125
6.5
2021-04-01 CVE-2021-3393 An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11.
network
low complexity
postgresql redhat
4.3
2021-02-23 CVE-2021-20229 A flaw was found in PostgreSQL in versions before 13.2.
network
low complexity
postgresql redhat fedoraproject
4.3
2020-03-17 CVE-2020-1720 Missing Authorization vulnerability in multiple products
A flaw was found in PostgreSQL's "ALTER ...
network
low complexity
postgresql redhat CWE-862
6.5
2020-01-27 CVE-2014-8161 Information Exposure Through an Error Message vulnerability in multiple products
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
network
low complexity
postgresql debian CWE-209
4.3
2019-07-30 CVE-2019-10130 Improper Access Control vulnerability in multiple products
A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x up to, excluding 9.5.17.
network
low complexity
postgresql opensuse CWE-284
4.3
2019-07-30 CVE-2019-10129 Out-of-bounds Read vulnerability in Postgresql 11.0/11.1/11.2
A vulnerability was found in postgresql versions 11.x prior to 11.3.
network
low complexity
postgresql CWE-125
6.5
2018-02-09 CVE-2018-1052 Information Exposure vulnerability in Postgresql 10.0/10.1
Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table.
network
low complexity
postgresql CWE-200
6.5