CVE-2019-25696

creationtimestamp| type| source ---|---|--- 2026-04-05 23:33:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mirvxuzyfz22...

CVE-2019-25696

Kados R10 GreenBee contains an SQL injection vulnerability exploitable via the language_tag parameter. The root cause is unsafe SQL construction that allows attackers to inject SQL statements into queries, enabling extraction of sensitive database information and potential data modification. Affe...

MiracleLinux 8 : postgresql:9.6 (AXSA:2021-1513:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1513:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...

MiracleLinux 7 : rh-postgresql10-postgresql-10.15-1.el7 (AXSA:2020-963:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-963:02 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operation...

MiracleLinux 8 : libpq-12.5-1.el8 (AXSA:2021-1461:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1461:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: psql's \gset allows overwriting specially treated...

CVE-2023-25696

Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...

Alibaba Cloud Linux 3 : 0002: libpq (ALINUX3-SA-2021:0002)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0002 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-25694: A flaw was found in...

RHEL 6 : postgresql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: psql's \gset allows overwriting specially treated variables CVE-2020-25696 - postgresql: Buff...

CVE-2024-25696

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...

CVE-2024-25696 Stored XSS in Portal for ArcGIS

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...

CVE-2024-25696

CVE-2024-25696 is a cross-site scripting vulnerability in Esri Portal for ArcGIS affecting versions 11.0 and earlier. An attacker with remote access and high privileges (authenticated) can construct a link that causes the page editor to render an image in the victim’s browser, implying a stored/r...

CVE-2024-25696 Stored XSS in Portal for ArcGIS

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...

ROS-2-817

2.817 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

ROS-2-1187

2.1187 PostgreSQL update with vulnerability fixes CVE-2020-25695, CVE-2020-25694,CVE-2020-25696 1. Vulnerability Description: The CVE-2020-25695 vulnerability allows arbitrary SQL functions to be executed with administrator privileges with access to create persistent objects in any storage schema...

Rocky Linux 8 : postgresql:12 (RLSA-2020:5620)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:5620 advisory. - It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the searchpath during logical replication. A...

CVE-2023-25696

creationtimestamp| type| source ---|---|--- 2023-02-24 14:49:18+00:00| seen| https://t.me/cibsecurity/58865 2023-02-24 15:04:36+00:00| seen| https://t.me/breachdetector/207052 2023-02-24 21:27:53+00:00| seen| Telegram/Lw7u-Xk6xSteuBiwyNzWX2LNGzfySroFN8WyCw6GBv2i6to...

CVE-2023-25696

Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...

CVE-2023-25696

CVE-2023-25696 is an issue in the Apache Airflow Hive Provider (pre-5.1.3) described as an Improper Input Validation vulnerability. The NVD entry lists a CRITICAL impact (CVSSv3.1: 9.8) affecting network attack vector with no user interaction, and high confidentiality, integrity, and availability...

CVE-2023-25696 Apache Airflow Hive Provider Beeline RCE

Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...

K72430453: PostgreSQL vulnerability CVE-2020-25696

Security Advisory Description A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute...