what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

CVE-2019-10208

Status Candidate

Overview

A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function.

Related Files

Red Hat Security Advisory 2021-0167-01
Posted Jan 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0167-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
MD5 | fc2fca1f9e82b5f8b63439452112f790
Red Hat Security Advisory 2021-0166-01
Posted Jan 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0166-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
MD5 | bbae33c6b6094c01ebd773f54ffbb80b
Red Hat Security Advisory 2021-0164-01
Posted Jan 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0164-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
MD5 | 5e70b2fefa51825ab0f354bc031e4ac1
Red Hat Security Advisory 2020-5664-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5664-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
MD5 | 01c9ad95cd03e1120b601d0e8a6d6da0
Red Hat Security Advisory 2020-5661-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5661-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
MD5 | f58a383b1ee427cb50cfccc61a74dd12
Red Hat Security Advisory 2020-5619-01
Posted Dec 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5619-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
MD5 | 410d0e3fd035110521cc0748349ae362
Red Hat Security Advisory 2020-4295-01
Posted Oct 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4295-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720
MD5 | 23302508cd17a5e8da4d24bbbd49489c
Red Hat Security Advisory 2020-3669-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3669-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720
MD5 | 59b67ef16ff6aa9bb22226e4526917c3
Ubuntu Security Notice USN-4090-1
Posted Aug 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4090-1 - Tom Lane discovered that PostgreSQL did not properly restrict functions declared as "SECURITY DEFINER". An attacker could use this to execute arbitrary SQL with the permissions of the function owner. Andreas Seltenreich discovered that PostgreSQL did not properly handle user-defined hash equality operators. An attacker could use this to expose sensitive information. This issue only affected Ubuntu 19.04. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-10208, CVE-2019-10209
MD5 | ccaf4895e6cf0e7558139305e2b1c8b5
Debian Security Advisory 4493-1
Posted Aug 9, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4493-1 - Two security issues have been discovered in the PostgreSQL database system, which could result in privilege escalation, denial of service or memory disclosure.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2019-10208, CVE-2019-10209
MD5 | 4425ba69c4e109bad5da897ac9cbe1e2
Debian Security Advisory 4492-1
Posted Aug 9, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4492-1 - A issue has been discovered in the PostgreSQL database system, which could result in privilege escalation.

tags | advisory
systems | linux, debian
advisories | CVE-2019-10208
MD5 | 4d9c0eb1a4850c00c8ceea2eb3aa4461
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close