Max CVSS | 6.4 | Min CVSS | 5.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-10925 | 5.5 |
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could
|
24-02-2023 - 18:38 | 09-08-2018 - 21:29 | |
CVE-2018-1115 | 6.4 |
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to
|
30-11-2022 - 21:22 | 10-05-2018 - 19:29 | |
CVE-2018-10915 | 6.0 |
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untru
|
04-08-2021 - 17:14 | 09-08-2018 - 20:29 |