exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2020-14349

Status Candidate

Overview

It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication.

Related Files

Red Hat Security Advisory 2021-0988-01
Posted Mar 25, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0988-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2015-8011, CVE-2020-14349, CVE-2020-14350
SHA-256 | b1c9760f913a9f1a467e7a016d1241c6bac0c51884cdffd0dafc4297e5a49a74
Download | Favorite | View
Red Hat Security Advisory 2021-0166-01
Posted Jan 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0166-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 52c19bde7840031c2019cb1de41803584e772d04bd2f5048954768a1d2e97a05
Download | Favorite | View
Red Hat Security Advisory 2021-0163-01.tct
Posted Jan 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0163-01.tct - PostgreSQL is an advanced object-relational database management system. Issues addressed include an improper authorization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 575df684c9edc18a6d05418493114b9a6583c3da5ebc93cf9854d5145aa0c61c
Download | Favorite | View
Red Hat Security Advisory 2020-5664-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5664-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 88e26286d5c7b5279e3f33ac70b31ae4e9035b2a9d2caf94e35f8a922f8de32a
Download | Favorite | View
Red Hat Security Advisory 2020-5620-01
Posted Dec 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5620-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an improper authorization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | f937ce328298951a6865cc37e46d7b9becd3aac39745a2ad01d58ea343d5d19e
Download | Favorite | View
Red Hat Security Advisory 2020-5112-01
Posted Nov 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5112-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an improper authorization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14349, CVE-2020-14350, CVE-2020-1720
SHA-256 | bb11a4092664279ec8b7bada321d7439800225dcfd6117bedff41204c18861e6
Download | Favorite | View
Red Hat Security Advisory 2020-5110-01
Posted Nov 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5110-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14349, CVE-2020-14350
SHA-256 | d2865de5cc9cebb0175acf177f2e3e341e5eef45d94778f6f4f349f2dbf291ec
Download | Favorite | View
Red Hat Security Advisory 2020-3669-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3669-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720
SHA-256 | 37abfe12007f0123015ff6acb45976e8a68274f270431c5da4edcf0cd23793ca
Download | Favorite | View
Gentoo Linux Security Advisory 202008-13
Posted Aug 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202008-13 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in privilege escalation. Versions less than 9.5.23:9.5 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14349, CVE-2020-14350
SHA-256 | b9ffeb065fa475ec938af85e828054d7d90b5d9a9259663a3d565b3d3bc786a1
Download | Favorite | View
Ubuntu Security Notice USN-4472-1
Posted Aug 25, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4472-1 - Noah Misch discovered that PostgreSQL incorrectly handled the search_path setting when used with logical replication. A remote attacker could possibly use this issue to execute arbitrary SQL code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Andres Freund discovered that PostgreSQL incorrectly handled search path elements in CREATE EXTENSION. A remote attacker could possibly use this issue to execute arbitrary SQL code. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-14349, CVE-2020-14350
SHA-256 | 887d5dd10d4beb7ccbc082cdcdc93721cd7fc006bdc22958985695060b8e5288
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    49 Files
  • 16
    Oct 16th
    28 Files
  • 17
    Oct 17th
    23 Files
  • 18
    Oct 18th
    10 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    5 Files
  • 22
    Oct 22nd
    12 Files
  • 23
    Oct 23rd
    23 Files
  • 24
    Oct 24th
    9 Files
  • 25
    Oct 25th
    10 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close