CVE-2016-5424

HIGH Year: 2016
CVSS v3 Score
7.1
High
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-94
View all →

Vulnerability Description

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.

Related Vulnerabilities

CVE-2020-10684

HIGH
CVSS:7.1(High)

A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable whe...

CWE-942020

CVE-2020-7745

HIGH
CVSS:7.1(High)

This affects the package MintegralAdSDK before 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners (advertisers) can remo...

CWE-942020

CVE-2022-22285

HIGH
CVSS:7.1(High)

A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifyi...

CWE-942022

CVE-2022-22286

HIGH
CVSS:7.1(High)

A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modify...

CWE-942022

CVE-2023-2859

HIGH
CVSS:7.1(High)

Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

CWE-942023

CVE-2024-29014

HIGH
CVSS:7.1(High)

Vulnerability in SonicWall SMA100 NetExtender Windows (32 and 64-bit) client 10.2.339 and earlier versions allows an attacker to arbitrary code execution when processing an EPC Client update.

CWE-942024