| Bug | Description |
|---|
| CVE-2025-4207 | Buffer over-read in PostgreSQL GB18030 encoding validation allows a da ... |
| CVE-2025-1094 | Improper neutralization of quoting syntax in PostgreSQL libpq function ... |
| CVE-2024-10979 | Incorrect control of environment variables in PostgreSQL PL/Perl allow ... |
| CVE-2024-10978 | Incorrect privilege assignment in PostgreSQL allows a less-privileged ... |
| CVE-2024-10977 | Client use of server error message in PostgreSQL allows a server not t ... |
| CVE-2024-10976 | Incomplete tracking in PostgreSQL of tables with row security allows a ... |
| CVE-2024-7348 | Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in Postgr ... |
| CVE-2024-4317 | Missing authorization in PostgreSQL built-in views pg_stats_ext and pg ... |
| CVE-2024-0985 | Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in Postg ... |
| CVE-2023-39418 | A vulnerability was found in PostgreSQL with the use of the MERGE comm ... |
| CVE-2023-39417 | IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in Po ... |
| CVE-2023-5870 | A flaw was found in PostgreSQL involving the pg_cancel_backend role th ... |
| CVE-2023-5869 | A flaw was found in PostgreSQL that allows authenticated database user ... |
| CVE-2023-5868 | A memory disclosure vulnerability was found in PostgreSQL that allows ... |
| CVE-2023-2455 | Row security policies disregard user ID changes after inlining; Postgr ... |
| CVE-2023-2454 | schema_element defeats protective search_path changes; It was found th ... |
| CVE-2022-41862 | In PostgreSQL, a modified, unauthenticated server can send an untermin ... |