Search CVE reports
81 – 90 of 96 results
CVE-2014-0061
Medium priorityThe validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a...
3 affected packages
postgresql-8.4, postgresql-9.1, postgresql-9.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
postgresql-9.3 | — | — | — | — | — |
CVE-2014-0060
Medium priorityPostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or...
3 affected packages
postgresql-8.4, postgresql-9.1, postgresql-9.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
postgresql-9.3 | — | — | — | — | — |
CVE-2013-1903
Medium priorityPostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.2 | — | — | — | — | — |
postgresql-8.3 | — | — | — | — | — |
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
CVE-2013-1902
Medium priorityPostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecified impact and attack vectors...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.2 | — | — | — | — | — |
postgresql-8.3 | — | — | — | — | — |
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
CVE-2013-1901
Medium priorityPostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2)...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.2 | — | — | — | — | — |
postgresql-8.3 | — | — | — | — | — |
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
CVE-2013-1900
Medium prioritySome fixes available 7 of 9
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.2 | — | — | — | — | — |
postgresql-8.3 | — | — | — | — | — |
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
CVE-2013-1899
High priorityArgument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.2 | — | — | — | — | — |
postgresql-8.3 | — | — | — | — | — |
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
CVE-2013-0255
Medium prioritySome fixes available 6 of 8
PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.2 | — | — | — | — | — |
postgresql-8.3 | — | — | — | — | — |
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
CVE-2012-3489
Medium prioritySome fixes available 6 of 8
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.2 | — | — | — | — | — |
postgresql-8.3 | — | — | — | — | — |
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |
CVE-2012-3488
Medium prioritySome fixes available 6 of 8
The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
postgresql-8.2 | — | — | — | — | — |
postgresql-8.3 | — | — | — | — | — |
postgresql-8.4 | — | — | — | — | — |
postgresql-9.1 | — | — | — | — | — |