CVE-2026-8178

An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when processing JDBC connection URL parameters. An actor who can influence the connection URL could potentially execute code in the application...

OESA-2026-2445 postgresql-jdbc security update

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is an open...

OESA-2026-2444 postgresql-jdbc security update

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is an open...

OESA-2026-2443 postgresql-jdbc security update

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is an open...

Astra Linux - уязвимость в libpgjava

The PostgreSQL JDBC Driver also known as PgJDBC prior to version 42.2.13 allowed XXE...

CVE-2026-8178

The CVE concerns the Amazon Redshift JDBC Driver (versions prior to 2.2.2). Under certain conditions, processing JDBC connection URL parameters could trigger loading and execution of arbitrary classes, allowing an attacker who can influence the connection URL to run code in the application contex...

SUSE CVE-2026-42198

pgjdbc is an open source postgresql JDBC Driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of service during SCRAM-SHA-256 authentication. A malicious server can instruct the driver to perform SCRAM authentication with a very large iteration count...

BIT-POSTGRESQL-JDBC-DRIVER-2026-42198 pgjdbc: Unbounded PBKDF2 iterations in SCRAM authentication allows CPU exhaustion DoS

pgjdbc is an open source postgresql JDBC Driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of service during SCRAM-SHA-256 authentication. A malicious server can instruct the driver to perform SCRAM authentication with a very large iteration count...

CVE-2026-4586 CodePhiliaX Chat2DB JDBC Driver Upload JdbcDriverController.java upload unrestricted upload

A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects the function Upload of the file chat2db-server/chat2db-server-web/chat2db-server-web-api/src/main/java/ai/chat2db/server/web/api/controller/driver/JdbcDriverController.java of the component JDBC Driver Upload. Performing a...

CodePhiliaX Chat2DB 代码问题漏洞

CodePhiliaX Chat2DB is an open-source AI-driven SQL client developed by CodePhiliaX. Versions of CodePhiliaX Chat2DB 0.3.7 and earlier contain code-related vulnerabilities. These vulnerabilities stem from the unlimited uploading feature of the JDBC Driver Upload component...

Security Bulletin: IBM Maximo Application Suite - Manage Component uses mssql-jdbc-12.8.1.jre11.jar dependency which is vulnerable to CVE-2025-59250.

Summary IBM Maximo Application Suite - Manage Component uses mssql-jdbc-12.8.1.jre11.jar dependency which is vulnerable to CVE-2025-59250. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-59250 DESCRIPTION: Improper input...

CVE-2026-32140

Dataease (open source data visualization tool) Before version 2.10.20 is vulnerable via the Redshift JDBC driver where the IniFile parameter can be exploited to load an attacker-controlled configuration file. The getJdbcIniFile discovery mechanism can, if not restricted, locate rsjdbc.ini and, in...

GHSA-GX6C-PV62-9MCF Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner

A weakness has been identified in Snowflake JDBC Driver up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts can...

Snowflake JDBC Driver is Vulnerable to Uncontrolled Resource Consumption through SdkProxyRoutePlanner

A weakness has been identified in Snowflake JDBC Driver up to 4.0.1. Impacted is the function SdkProxyRoutePlanner of the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java of the component JDBC URL Handler. Executing a manipulation of the argument nonProxyHosts can...

CVE-2021-33523

MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController...

VulnCheck KEV: CVE-2022-31197

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contain...

CVE-2025-12742 Remote Code Execution in Looker via Teradata JDBC Driver

A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for Looker-hosted instances. No user action is required...

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed a vulnerability in the JDBC driver for SQL Server. A malicious party could exploit the vulnerability to gain access to sensitive data, such as login credentials, through a Server-in-the-Middle attack. For successful exploitation, the malicious party must trick the victim into...

CVE-2025-59250 JDBC Driver for SQL Server Spoofing Vulnerability

...

EUVD-2021-20215

Malware in sbrugna...