postgresql10 (SUSE:Linux Enterprise Module for Server Applications 15 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Server Applications 15 SP1 package postgresql10, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2019-10164 — CVSS 8.8 (high): PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user…
CVE-2019-10208 — CVSS 8.8 (high): A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x…
CVE-2020-25695 — CVSS 8.8 (high): A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker…
CVE-2020-25694 — CVSS 8.1 (high): A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client…
CVE-2020-25696 — CVSS 7.5 (high): A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before…
CVE-2020-14350 — CVSS 7.3 (high): It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient…
CVE-2020-14349 — CVSS 7.1 (high): It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical…
CVE-2019-10130 — CVSS 4.3 (medium): A vulnerability was found in PostgreSQL versions 11.x up to excluding 11.3, 10.x up to excluding 10.8, 9.6.x up to, excluding 9.6.13, 9.5.x…
CVE-2020-1720 — CVSS 3.1 (low): A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An…