| Max CVSS | 6.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-7485 | 4.3 |
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Midd
|
03-10-2019 - 00:03 | 12-05-2017 - 19:29 | |
| CVE-2017-7484 | 5.0 |
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, po
|
05-01-2018 - 02:31 | 12-05-2017 - 19:29 | |
| CVE-2017-7486 | 5.0 |
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
|
05-01-2018 - 02:31 | 12-05-2017 - 19:29 | |
| CVE-2016-5423 | 6.5 |
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory informat
|
05-01-2018 - 02:31 | 09-12-2016 - 23:59 | |
| CVE-2016-5424 | 4.6 |
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \
|
05-01-2018 - 02:31 | 09-12-2016 - 23:59 |