postgresql94 (SUSE:Linux Enterprise Server 11 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 11 SP4 package postgresql94, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (18)
CVE-2017-7546 — CVSS 9.8 (critical): PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote…
CVE-2018-1058 — CVSS 8.8 (high): A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account…
CVE-2016-0766 — CVSS 8.8 (high): PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict…
CVE-2017-7547 — CVSS 8.8 (high): PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated…
CVE-2018-10915 — CVSS 8.5 (high): A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between…
CVE-2016-5423 — CVSS 8.3 (high): PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated…
CVE-2017-15098 — CVSS 8.1 (high): Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before…
CVE-2017-7484 — CVSS 7.5 (high): It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before…
CVE-2016-0773 — CVSS 7.5 (high): PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to…
CVE-2017-7486 — CVSS 7.5 (high): PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any…
CVE-2017-7548 — CVSS 7.5 (high): PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no…
CVE-2016-5424 — CVSS 7.1 (high): PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote…
CVE-2018-1053 — CVSS 7.0 (high): In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates…
CVE-2017-12172 — CVSS 6.7 (medium): PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24…
CVE-2015-5288 — CVSS 6.4 (medium): The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and…
CVE-2015-5289 — CVSS 6.4 (medium): Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to…
CVE-2017-7485 — CVSS 5.9 (medium): In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL…
CVE-2007-4772 — CVSS 4.0 (medium): The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4…