122 matches found
CVE-2019-25696
creationtimestamp| type| source ---|---|--- 2026-04-05 23:33:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mirvxuzyfz22...
CVE-2019-25696
CVE-2019-25696 – Kados R10 GreenBee SQL injection : The affected product is Kados R10 GreenBee. The vulnerability arises from a flaw in the language_tag parameter that allows attackers to inject SQL and manipulate database queries. Potential impacts are high confidentiality and high integrity com...
MiracleLinux 7 : rh-postgresql10-postgresql-10.15-1.el7 (AXSA:2020-963:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-963:02 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operation...
MiracleLinux 8 : libpq-12.5-1.el8 (AXSA:2021-1461:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1461:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: psql's \gset allows overwriting specially treated...
MiracleLinux 8 : postgresql:9.6 (AXSA:2021-1513:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1513:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...
CVE-2023-25696
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...
Alibaba Cloud Linux 3 : 0002: libpq (ALINUX3-SA-2021:0002)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0002 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-25694: A flaw was found in...
RHEL 6 : postgresql (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: psql's \gset allows overwriting specially treated variables CVE-2020-25696 - postgresql: Buff...
CVE-2024-25696
There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...
CVE-2024-25696 Stored XSS in Portal for ArcGIS
There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...
CVE-2024-25696 Stored XSS in Portal for ArcGIS
There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...
CVE-2024-25696
CVE-2024-25696 is a cross-site scripting vulnerability in Esri Portal for ArcGIS affecting versions 11.0 and earlier. An attacker with remote access and high privileges (authenticated) can construct a link that causes the page editor to render an image in the victim’s browser, implying a stored/r...
ROS-2-817
2.817 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...
ROS-2-1187
2.1187 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...
Rocky Linux 8 : postgresql:12 (RLSA-2020:5620)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:5620 advisory. - It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the searchpath during logical replication. A...
CVE-2023-25696
creationtimestamp| type| source ---|---|--- 2023-02-24 14:49:18+00:00| seen| https://t.me/cibsecurity/58865 2023-02-24 15:04:36+00:00| seen| https://t.me/breachdetector/207052 2023-02-24 21:27:53+00:00| seen| Telegram/Lw7u-Xk6xSteuBiwyNzWX2LNGzfySroFN8WyCw6GBv2i6to...
CVE-2023-25696
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...
CVE-2023-25696
CVE-2023-25696 is an issue in the Apache Airflow Hive Provider (pre-5.1.3) described as an Improper Input Validation vulnerability. The NVD entry lists a CRITICAL impact (CVSSv3.1: 9.8) affecting network attack vector with no user interaction, and high confidentiality, integrity, and availability...
CVE-2023-25696 Apache Airflow Hive Provider Beeline RCE
Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...
K72430453: PostgreSQL vulnerability CVE-2020-25696
Security Advisory Description A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute...