Vulnerabilities > Postgresql > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-11 | CVE-2021-32028 | Unspecified vulnerability in Postgresql A flaw was found in postgresql. | 6.5 |
| 2021-10-08 | CVE-2021-32029 | Out-of-bounds Read vulnerability in multiple products A flaw was found in postgresql. | 4.0 |
| 2021-03-19 | CVE-2019-10128 | Improper Access Control vulnerability in Postgresql A vulnerability was found in postgresql versions 11.x prior to 11.3. | 4.1 |
| 2021-03-19 | CVE-2019-10127 | Improper Access Control vulnerability in Postgresql A vulnerability was found in postgresql versions 11.x prior to 11.3. | 4.3 |
| 2021-02-23 | CVE-2021-20229 | Incorrect Authorization vulnerability in multiple products A flaw was found in PostgreSQL in versions before 13.2. | 4.0 |
| 2020-09-16 | CVE-2020-10733 | Untrusted Search Path vulnerability in Postgresql The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. | 4.4 |
| 2020-03-17 | CVE-2020-1720 | Missing Authorization vulnerability in multiple products A flaw was found in PostgreSQL's "ALTER ... | 6.5 |
| 2020-01-27 | CVE-2015-0243 | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 6.5 |
| 2020-01-27 | CVE-2015-0242 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a floating point number with a large precision, as demonstrated by using the to_char function. | 6.5 |
| 2020-01-27 | CVE-2015-0241 | Classic Buffer Overflow vulnerability in multiple products The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow. | 6.5 |