Lucene search
Redhat.comRH:CVE-2018-10925HistoryMar 24, 2020 - 1:51 a.m.
CVE-2018-10925
2020-03-2401:51:36
redhat.com
access.redhat.com
21
0.001 Low
EPSS
Percentile
49.7%
It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with “INSERT … ON CONFLICT DO UPDATE”. An attacker with “CREATE TABLE” privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain “INSERT” and limited “UPDATE” privileges to a particular table, they could exploit this to update other columns in the same table.
Related
debiancve
debiancve
CVE-2018-10925
2018-08-09 21:29:00
openvas
openvas
PostgreSQL Multiple Vulnerabilities (Aug 2018) - Windows
2018-08-13 00:00:00
PostgreSQL Multiple Vulnerabilities (Aug 2018) - Linux
2018-08-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3377-1)
2021-04-19 00:00:00
alpinelinux
alpinelinux
CVE-2018-10925
2018-08-09 21:29:00
osv
osv
CVE-2018-10925
2018-08-09 21:29:00
postgresql-9.6 - security update
2018-08-10 00:00:00
veracode
veracode
Authorization Bypass
2019-05-16 03:23:19
nvd
nvd
CVE-2018-10925
2018-08-09 21:29:00
ubuntucve
ubuntucve
CVE-2018-10925
2018-08-09 00:00:00
cve
cve
CVE-2018-10925
2018-08-09 21:29:00
cvelist
cvelist
CVE-2018-10925
2018-08-09 21:00:00
prion
prion
Authorization
2018-08-09 21:29:00
postgresql
postgresql
Vulnerability in core server (CVE-2018-10925)
2018-08-09 21:29:00
nessus
nessus
Debian DSA-4269-1 : postgresql-9.6 - security update
2018-08-13 00:00:00
FreeBSD : PostgreSQL -- two vulnerabilities (96eab874-9c79-11e8-b34b-6cc21735f730)
2018-08-13 00:00:00
Photon OS 2.0: Postgresql PHSA-2018-2.0-0087
2019-02-07 00:00:00
f5
f5
K48209417 : PostgreSQL vulnerabilities CVE-2018-10915 and CVE-2018-10925
2018-10-05 00:00:00
suse
suse
Security update for postgresql96 (important)
2018-10-25 18:20:22
Security update for postgresql10 (moderate)
2018-09-04 12:08:24
Security update for postgresql96, postgresql10 and postgresql12 (moderate)
2020-08-17 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: postgresql-10.5-1.fc28
2018-08-14 21:14:19
[SECURITY] Fedora 27 Update: postgresql-9.6.10-1.fc27
2018-08-16 07:24:52
altlinux
altlinux
Security fix for the ALT Linux 8 package postgresql12 version 10.5-alt1
2018-08-11 00:00:00
Security fix for the ALT Linux 8 package postgresql11 version 10.5-alt1
2018-08-11 00:00:00
kaspersky
kaspersky
KLA11300 Multiple vulnerabilities in PostgreSQL
2018-08-09 00:00:00
amazon
amazon
Important: postgresql96
2018-09-05 20:39:00
Important: postgresql93, postgresql94, postgresql95
2018-09-19 17:04:00
Important: postgresql95
2018-12-06 16:57:00
freebsd
freebsd
PostgreSQL -- two vulnerabilities
2018-08-09 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2018-08-16 00:00:00
debian
debian
[SECURITY] [DSA 4269-1] postgresql-9.6 security update
2018-08-10 20:38:25
photon
photon
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2018-10-30 00:00:00
redhat
redhat
(RHSA-2018:2565) Important: rh-postgresql10-postgresql security update
2018-08-27 07:54:02
(RHSA-2018:3816) Important: CloudForms 4.6.6 security, bug fix and enhancement update
2018-12-13 15:02:54
(RHSA-2018:2511) Important: rh-postgresql95-postgresql security update
2018-08-20 10:27:16
mageia
mageia
Updated postgresql9.4|6 packages fix security vulnerabilities
2018-11-16 01:04:32