CVE search results

61 – 70 of 76 results

Detailed view

Sort by:

CVE-2015-3167

Medium priority

Some fixes available 6 of 7

contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers...

4 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	Not in release
postgresql-9.1	—	—	—	—	Not in release
postgresql-9.3	—	—	—	—	Not in release
postgresql-9.4	—	—	—	—	Not in release

CVE-2015-3166

Medium priority

Some fixes available 6 of 7

The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive...

4 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	Not in release
postgresql-9.1	—	—	—	—	Not in release
postgresql-9.3	—	—	—	—	Not in release
postgresql-9.4	—	—	—	—	Not in release

CVE-2015-3165

Medium priority

Some fixes available 6 of 7

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at...

4 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	Not in release
postgresql-9.1	—	—	—	—	Not in release
postgresql-9.3	—	—	—	—	Not in release
postgresql-9.4	—	—	—	—	Not in release

CVE-2015-0244

Medium priority

Some fixes available 5 of 6

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct...

4 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	Not in release
postgresql-9.1	—	—	—	—	Not in release
postgresql-9.3	—	—	—	—	Not in release
postgresql-9.4	—	—	—	—	Not in release

CVE-2015-0243

Medium priority

Some fixes available 5 of 6

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash)...

4 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	Not in release
postgresql-9.1	—	—	—	—	Not in release
postgresql-9.3	—	—	—	—	Not in release
postgresql-9.4	—	—	—	—	Not in release

CVE-2015-0241

Medium priority

Some fixes available 5 of 6

The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute...

4 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	Not in release
postgresql-9.1	—	—	—	—	Not in release
postgresql-9.3	—	—	—	—	Not in release
postgresql-9.4	—	—	—	—	Not in release

CVE-2014-8161

Medium priority

Some fixes available 5 of 6

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading...

4 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	Not in release
postgresql-9.1	—	—	—	—	Not in release
postgresql-9.3	—	—	—	—	Not in release
postgresql-9.4	—	—	—	—	Not in release

CVE-2014-2669

Medium priority

Fixed

Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact via vectors...

3 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	—
postgresql-9.1	—	—	—	—	—
postgresql-9.3	—	—	—	—	—

CVE-2014-0067

Low priority

Some fixes available 5 of 7

The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to...

3 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	—
postgresql-9.1	—	—	—	—	—
postgresql-9.3	—	—	—	—	—

CVE-2014-0066

Medium priority

Fixed

The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote...

3 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-8.4	—	—	—	—	—
postgresql-9.1	—	—	—	—	—
postgresql-9.3	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports