Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add files into one of those directories can use this to execute arbitrary code with the installer's administrative rights.
CVSS Information
N/A
Vulnerability Type
不可信的搜索路径
Vulnerability Title
PostgreSQL 代码问题漏洞
Vulnerability Description
PostgreSQL是Postgresql组织的一套自由的对象关系型数据库管理系统。该系统支持大部分SQL标准并且提供了许多其他特性,例如外键、触发器、视图等。 PostgreSQL 12及之前版本中存在安全漏洞。攻击者可利用该漏洞以安装程序的管理权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A