📦 Postgresql

This vulnerability in PostgreSQL's intarray extension allows attackers to execute arbitrary code with the privileges of the database operating system user. It affects PostgreSQL installations with the...

A buffer overflow vulnerability in PostgreSQL's text manipulation functions allows authenticated database users to execute arbitrary code with the privileges of the database server process. This affec...

This vulnerability allows unprivileged database users in PostgreSQL to manipulate environment variables through PL/Perl, potentially leading to arbitrary code execution on the database server. It affe...

This PostgreSQL vulnerability allows an attacker who creates a materialized view to execute arbitrary SQL functions with the privileges of the user who runs REFRESH MATERIALIZED VIEW CONCURRENTLY. The...

This CVE-2023-5869 vulnerability in PostgreSQL allows authenticated database users to execute arbitrary code on the server through an integer overflow when modifying SQL arrays. Attackers can write ar...

This SQL injection vulnerability in PostgreSQL allows attackers with database-level CREATE privilege to execute arbitrary code as the bootstrap superuser when exploiting improperly quoted extension sc...

CVE-2023-2454 is a PostgreSQL vulnerability where the schema_element function can bypass protective search_path changes, allowing authenticated attackers with elevated database privileges to execute a...

CVE-2021-23214 is a SQL injection vulnerability in PostgreSQL that allows man-in-the-middle attackers to inject arbitrary SQL queries during initial connection establishment, even when SSL certificate...

This PostgreSQL vulnerability allows a less-privileged application user to view or modify unintended database rows when the application uses SET ROLE or SET SESSION AUTHORIZATION features. The issue o...