Search CVE reports


Toggle filters

1 – 4 of 4 results


CVE-2019-3466

Medium priority
Fixed

The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

1 affected package

postgresql-common

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
postgresql-common Fixed Fixed
Show less packages

CVE-2017-8806

Medium priority
Fixed

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic...

1 affected package

postgresql-common

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
postgresql-common Fixed
Show less packages

CVE-2016-1255

Medium priority

Some fixes available 2 of 4

The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before...

1 affected package

postgresql-common

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
postgresql-common Fixed
Show less packages

CVE-2005-1409

Unknown priority
Fixed

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character...

6 affected packages

postgresql, postgresql-7.4, postgresql-8.0, postgresql-8.1, postgresql-8.2, postgresql-common

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
postgresql
postgresql-7.4
postgresql-8.0
postgresql-8.1
postgresql-8.2
postgresql-common
Show less packages