Software Detail

Software Informaton Top

Database

Software Detail

PostgreSQL

Number Of NVD

154

CRITICAL

HIGH

MEDIUM

LOW

URL	https://www.postgresql.org/
Explanation	PostgreSQL is an object-relational database management system (ORDBMS) based on POSTGRES, Version 4.2, developed by the Department of Computer Science at the University of California, Berkeley. Extracted from [https://www.postgresql.jp/document/11/html/intro-whatis.html] From version 10 onwards, the integer part represents major versions and the decimal part represents minor updates. Every year, a major version including new features is released. Minor releases with bugs and security fixes will be released at least once every three months, if necessary. Unscheduled releases will be made for urgent security issues. Support is provided for five years after the major version is released.
Tag	オープンソース PostgreSQL Licence 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://www.postgresql.org/support/versioning/
2			https://wiki.postgresql.org/wiki/Main_Page
3			https://www.postgresql.jp/
4			https://www.postgresql.org/download/

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Critical	High	Medium	Low
111	PostgreSQL 16	16.11	Nov. 13, 2025	Sept. 14, 2023	Sept. 9, 2028	0	2	2	0
112	PostgreSQL 15	15.15	Nov. 13, 2025	Jan. 13, 2022	Nov. 11, 2027	0	6	4	1
113	PostgreSQL 14	14.20	Nov. 13, 2025	May 15, 2021	Nov. 12, 2026	0	8	5	1
114	PostgreSQL 13	13.23	Nov. 13, 2025	Sept. 24, 2020	Nov. 23, 2025	0	12	10	1
115	PostgreSQL 12	12.22	Nov. 21, 2024	Oct. 3, 2019	Nov. 14, 2024	0	15	11	1
116	PostgreSQL 11	11.22	Nov. 9, 2023	Oct. 18, 2018	Nov. 9, 2023	2	19	12	1
117	PostgreSQL 10	10.23	Nov. 10, 2022	Oct. 5, 2017	Nov. 10, 2022	3	21	9	0
118	PostgreSQL 9	9.6.24		Sept. 20, 2010	Oct. 8, 2015	6	39	37	0
119	PostgreSQL 8	8.0.9		Jan. 19, 2005	July 24, 2014	4	31	48	3
120	PostgreSQL 7	7.0.3		May 8, 2000	May 8, 2005	4	31	38	4
121	PostgreSQL 6	6.5.3	Jan. 29, 1997		June 9, 2004	4	21	20	2
122	PostgreSQL 1	1.09	Nov. 4, 1996		Jan. 1, 2000	4	21	22	1
123	PostgreSQL -	-				4	17	14	1

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or higher	less than	Update date Published date	Show Affected	Exploit PoC Search
111	- 6.5	MEDIUM	The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2009-3230	cpe:2.3:a:postgresql:postgresql:8.4:* cpe:2.3:a:postgresql:postgresql:8.3.7:* cpe:2.3:a:postgresql:postgresql:8.3…			2026-04-23 09:35 2009-09-17	Show	GitHub Exploit DB Packet Storm

112	- 4.0	MEDIUM	The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" li…	NVD-CWE-noinfo	CVE-2009-3229	cpe:2.3:a:postgresql:postgresql:8.4:* cpe:2.3:a:postgresql:postgresql:8.3:* cpe:2.3:a:postgresql:postgresql:8.3.7…			2026-04-23 09:35 2009-09-17	Show	GitHub Exploit DB Packet Storm

113	- 4.0	MEDIUM	PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a…	CWE-399 Resource Management Errors	CVE-2009-0922	cpe:2.3:a:postgresql:postgresql:8.3.6:* cpe:2.3:a:postgresql:postgresql:8.2.12:* cpe:2.3:a:postgresql:postgresql:…			2026-04-23 09:35 2009-03-18	Show	GitHub Exploit DB Packet Storm

114	- 6.8	MEDIUM	The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a d…	CWE-189 Numeric Errors	CVE-2007-4769	cpe:2.3:a:postgresql:postgresql:8.2:* cpe:2.3:a:postgresql:postgresql:8.2.4:* cpe:2.3:a:postgresql:postgresql:8.2…			2026-04-23 09:35 2008-01-10	Show	GitHub Exploit DB Packet Storm

115	- 4.0	MEDIUM	The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a …	CWE-399 Resource Management Errors	CVE-2007-4772	cpe:2.3:a:postgresql:postgresql::	7.4 8.0 8.1 8.2	7.4.19 8.0.15 8.1.11 8.2.6	2026-04-23 09:35 2008-01-10	Show	GitHub Exploit DB Packet Storm

116	- 6.8	MEDIUM	Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows…	CWE-189 Numeric Errors	CVE-2007-6067	cpe:2.3:a:postgresql:postgresql:8.2:* cpe:2.3:a:postgresql:postgresql:8.2.4:* cpe:2.3:a:postgresql:postgresql:8.2…			2026-04-23 09:35 2008-01-10	Show	GitHub Exploit DB Packet Storm

117	- 6.5	MEDIUM	PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2007-6600	cpe:2.3:a:postgresql:postgresql:8.2:* cpe:2.3:a:postgresql:postgresql:8.2.5:* cpe:2.3:a:postgresql:postgresql:8.2…			2026-04-23 09:35 2008-01-10	Show	GitHub Exploit DB Packet Storm

118	- 7.2	HIGH	The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attac…	CWE-287 Improper Authentication	CVE-2007-6601	cpe:2.3:a:postgresql:postgresql:8.2:* cpe:2.3:a:postgresql:postgresql::	7.3.0 7.4.0 8.0.0 8.1.0 8.2.0	7.3.21 7.4.19 8.0.15 8.1.11 8.2.6	2026-04-23 09:35 2008-01-10	Show	GitHub Exploit DB Packet Storm

119	- 6.9	MEDIUM	PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and ex…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2007-3278	cpe:2.3:a:postgresql:postgresql::	7.3 7.4 8.0 8.1 8.2	7.3.21 7.4.19 8.0.15 8.1.11 8.2.6	2026-04-23 09:35 2007-06-20	Show	GitHub Exploit DB Packet Storm

120	- 10.0	HIGH	PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and …	NVD-CWE-Other	CVE-2007-3279	cpe:2.3:a:postgresql:postgresql:8.1:*			2026-04-23 09:35 2007-06-20	Show	GitHub Exploit DB Packet Storm