CVE search results

1 – 4 of 4 results

Detailed view

Sort by:

CVE-2019-3466

Medium priority

Fixed

The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

1 affected packages

postgresql-common

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-common	—	—	—	Fixed	Fixed

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic...

1 affected packages

postgresql-common

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-common	—	—	—	—	Fixed

CVE-2016-1255

Medium priority

Some fixes available 2 of 4

The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before...

1 affected packages

postgresql-common

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql-common	—	—	—	—	Fixed

CVE-2005-1409

Unknown priority

Fixed

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character...

6 affected packages

postgresql, postgresql-7.4, postgresql-8.0, postgresql-8.1, postgresql-8.2, postgresql-common

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
postgresql	—	—	—	—	—
postgresql-7.4	—	—	—	—	—
postgresql-8.0	—	—	—	—	—
postgresql-8.1	—	—	—	—	—
postgresql-8.2	—	—	—	—	—
postgresql-common	—	—	—	—	—

Search CVE reports

CVE-2019-3466

CVE-2017-8806

CVE-2016-1255

CVE-2005-1409