Max CVSS | 6.5 | Min CVSS | 3.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-10925 | 5.5 |
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could
|
24-02-2023 - 18:38 | 09-08-2018 - 21:29 | |
CVE-2018-1058 | 6.5 |
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 ar
|
19-01-2023 - 20:11 | 02-03-2018 - 15:29 | |
CVE-2018-10915 | 6.0 |
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untru
|
04-08-2021 - 17:14 | 09-08-2018 - 20:29 | |
CVE-2018-1053 | 3.3 |
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when t
|
09-10-2019 - 23:38 | 09-02-2018 - 14:29 |