PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.
Max CVSS
7.5
EPSS Score
0.21%
Published
2002-12-31
Updated
2024-02-09
PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log (pg_clog) data and cause a denial of service (data loss) via the VACUUM command.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-10-03
Updated
2017-07-11
Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.
Max CVSS
4.6
EPSS Score
0.08%
Published
2002-09-24
Updated
2016-10-18
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.
Max CVSS
7.5
EPSS Score
0.26%
Published
2002-08-12
Updated
2016-10-18
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!