CVE search results

21 – 30 of 47 results

Detailed view

Sort by:

CVE-2014-0063

Medium priority

Fixed

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or...

3 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—
postgresql-9.3	—	—	—	—

CVE-2014-0062

Medium priority

Fixed

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to...

3 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—
postgresql-9.3	—	—	—	—

CVE-2014-0061

Medium priority

Fixed

The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a...

3 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—
postgresql-9.3	—	—	—	—

CVE-2014-0060

Medium priority

Fixed

PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or...

3 affected packages

postgresql-8.4, postgresql-9.1, postgresql-9.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—
postgresql-9.3	—	—	—	—

CVE-2013-1903

Medium priority

Ignored

PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and...

4 affected packages

postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.2	—	—	—	—
postgresql-8.3	—	—	—	—
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—

CVE-2013-1902

Medium priority

Ignored

PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecified impact and attack vectors...

4 affected packages

postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.2	—	—	—	—
postgresql-8.3	—	—	—	—
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—

CVE-2013-1901

Medium priority

Fixed

PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2)...

4 affected packages

postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.2	—	—	—	—
postgresql-8.3	—	—	—	—
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—

CVE-2013-1900

Medium priority

Some fixes available 7 of 9

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified...

4 affected packages

postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.2	—	—	—	—
postgresql-8.3	—	—	—	—
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—

CVE-2013-1899

High priority

Fixed

Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify...

4 affected packages

postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.2	—	—	—	—
postgresql-8.3	—	—	—	—
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—

CVE-2013-0255

Medium priority

Some fixes available 6 of 8

PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with...

4 affected packages

postgresql-8.2, postgresql-8.3, postgresql-8.4, postgresql-9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
postgresql-8.2	—	—	—	—
postgresql-8.3	—	—	—	—
postgresql-8.4	—	—	—	—
postgresql-9.1	—	—	—	—

Export to JSON

Results by page:

Search CVE reports