Search CVE reports
21 – 30 of 47 results
CVE-2014-0063
Medium priorityMultiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or...
3 affected packages
postgresql-8.4, postgresql-9.1, postgresql-9.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
| postgresql-9.3 | — | — | — | — | — |
CVE-2014-0062
Medium priorityRace condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to...
3 affected packages
postgresql-8.4, postgresql-9.1, postgresql-9.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
| postgresql-9.3 | — | — | — | — | — |
CVE-2014-0061
Medium priorityThe validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a...
3 affected packages
postgresql-8.4, postgresql-9.1, postgresql-9.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
| postgresql-9.3 | — | — | — | — | — |
CVE-2014-0060
Medium priorityPostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or...
3 affected packages
postgresql-8.4, postgresql-9.1, postgresql-9.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
| postgresql-9.3 | — | — | — | — | — |
CVE-2013-1903
Medium priorityPostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.2 | — | — | — | — | — |
| postgresql-8.3 | — | — | — | — | — |
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
CVE-2013-1902
Medium priorityPostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecified impact and attack vectors...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.2 | — | — | — | — | — |
| postgresql-8.3 | — | — | — | — | — |
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
CVE-2013-1901
Medium priorityPostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2)...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.2 | — | — | — | — | — |
| postgresql-8.3 | — | — | — | — | — |
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
CVE-2013-1900
Medium prioritySome fixes available 7 of 9
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.2 | — | — | — | — | — |
| postgresql-8.3 | — | — | — | — | — |
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
CVE-2013-1899
High priorityArgument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.2 | — | — | — | — | — |
| postgresql-8.3 | — | — | — | — | — |
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |
CVE-2013-0255
Medium prioritySome fixes available 6 of 8
PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with...
4 affected packages
postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| postgresql-8.2 | — | — | — | — | — |
| postgresql-8.3 | — | — | — | — | — |
| postgresql-8.4 | — | — | — | — | — |
| postgresql-9.1 | — | — | — | — | — |