FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-08-15 16:16:28 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
5d425189-7a03-11d9-a9e7-0001020eed82postgresql -- privilege escalation vulnerability

John Heasman and others disovered that non-privileged users could use the LOAD extension to load arbitrary libraries into the postgres server process space. This could be used by non-privileged local users to execute arbitrary code with the privileges of the postgresql server.


Discovery 2005-01-21
Entry 2005-02-08
postgresql
postgresql-server
ja-postgresql
< 7.3.9

> 7.4.* lt 7.4.7

> 8.* lt 8.0.1

postgresql-devel
<= 8.0.1,1

12411
CVE-2005-0227
http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php
http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php
6b4b0b3f-8127-11d9-a9e7-0001020eed82postgresql -- multiple buffer overflows in PL/PgSQL parser

The PL/PgSQL parser in postgresql is vulnerable to several buffer overflows. These could be exploited by a remote attacker to execute arbitrary code with the permissions of the postgresql server by running a specially crafted query.


Discovery 2005-02-07
Entry 2005-02-17
Modified 2005-02-19
postgresql
postgresql-server
ja-postgresql
< 7.3.9_1

> 7.4.* lt 7.4.7_1

> 8.* lt 8.0.1_1

CVE-2005-0247
http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.php