Lucene search
K

1813 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

RHEL 10 : postgresql-jdbc (RHSA-2026:24348)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:24348 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java program...

7.5CVSS7.2AI score0.0077EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

RHEL 9 : postgresql-jdbc (RHSA-2026:22304)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22304 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs...

7.5CVSS5.6AI score0.0077EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/05 9:15 p.m.7 views

Untrusted Search Path

Overview software.amazon.jdbc:aws-advanced-jdbc-wrapper is an Amazon Web Services AWS Advanced JDBC Wrapper Affected versions of this package are vulnerable to Untrusted Search Path in the GlobalAuroraPgDialect, which is included in the public schema. A low-privileged user can elevate privileges ...

8.6CVSS5.4AI score0.00305EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/06/05 9:15 p.m.8 views

io.camunda:camunda-zeebe (>=8.9.0 <=8.10.0-alpha1-rc3), org.finos.legend.engine:legend-engine-xt-relationalStore-aurora-execution (>=4.128.0 <=4.131.0) +3 more potentially affected by CVE-2026-11400 via software.amazon.jdbc:aws-advanced-jdbc-wrapper (>=3.2.0 <=4.0.0)

software.amazon.jdbc:aws-advanced-jdbc-wrapper MAVEN version =3.2.0, =8.9.0, =4.128.0, =4.131.0 - org.wildfly:wildfly-datasources-galleon-pack =11.4.0.Final - org.wildfly:wildfly-datasources-galleon-pack-common =11.4.0.Final - org.wildfly:wildfly-datasources-preview-galleon-pack =11.4.0.Final...

8.6CVSS5.7AI score0.00305EPSS
Exploits0
NVD
NVD
added 2026/06/05 8:17 p.m.13 views

CVE-2026-11400

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...

8.6CVSS0.00305EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.11 views

CVE-2026-8178

An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when processing JDBC connection URL parameters. An actor who can influence the connection URL could potentially execute code in the application...

9.2CVSS5.9AI score0.00573EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 7:7 p.m.30 views

CVE-2026-11400 Privilege Escalation in AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...

8.6CVSS0.00305EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.23 views

PT-2026-47034

Name of the Vulnerable Software and Affected Versions AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL versions prior to 4.0.1 Description An untrusted search path issue exists in the GlobalDatabasePlugin. This allows a remote authenticated low-privilege actor to escalate privileges to thos...

8.6CVSS5.5AI score0.00305EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Amazon Web Services JDBC Driver 安全漏洞

The Amazon Web Services JDBC Driver is an open-source Go language wrapper developed by Amazon Web Services. There is a security vulnerability in the Amazon Web Services JDBC Driver, which stems from an unreliable search path issue in the GlobalDatabasePlugin. This vulnerability allows remote,...

8.6CVSS5.3AI score0.00305EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.13 views

RockyLinux 9 : postgresql-jdbc (RLSA-2026:22304)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:22304 advisory. jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication CVE-2026-42198 Tenable has extracted the preceding...

7.5CVSS7.2AI score0.0077EPSS
Exploits0References3
OSV
OSV
added 2026/06/02 6:3 p.m.12 views

RLSA-2026:22304 Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...

7.5CVSS7.1AI score0.0077EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/06/02 6:3 p.m.17 views

postgresql-jdbc security update

An update is available for postgresql-jdbc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced object-relational database management syste...

7.5CVSS7.1AI score0.0077EPSS
Exploits0
OSV
OSV
added 2026/06/02 10:8 a.m.10 views

RHSA-2026:22304 Red Hat Security Advisory: postgresql-jdbc security update

Bulletin has no description...

7.5CVSS7AI score0.0077EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/06/01 10:21 a.m.16 views

Important: Red Hat Security Advisory: postgresql-jdbc security update

An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

7.5CVSS5.8AI score0.0077EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2026/06/01 12:0 a.m.5 views

Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authenticati...

7.5CVSS7.1AI score0.0077EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/01 12:0 a.m.11 views

Security update for postgresql-jdbc (important)

openSUSE security update: security update for postgresql-jdbc ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20847-1 Rating: important References: bsc1264174 Cross-References: CVE-2026-42198 CVSS scores: CVE-2026-42198 SUSE : 7.5...

7.5CVSS5.8AI score0.0077EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 4:36 p.m.5 views

OPENSUSE-SU-2026:20847-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication bsc1264174...

7.5CVSS7.1AI score0.0077EPSS
Exploits0References2
OSV
OSV
added 2026/05/29 3:58 p.m.7 views

SUSE-SU-2026:22000-1 Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication bsc1264174...

7.5CVSS7.1AI score0.0077EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

SUSE SLES15 Security Update : postgresql-jdbc (SUSE-SU-2026:2028-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2028-1 advisory. This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256...

7.5CVSS5.9AI score0.0077EPSS
Exploits0References4
OSV
OSV
added 2026/05/22 1:22 p.m.7 views

OESA-2026-2445 postgresql-jdbc security update

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. Is an open source JDBC driver written in Pure Java Type 4, and communicates in the PostgreSQL native network protocol. Security Fixes: pgjdbc is an open...

7.5CVSS7AI score0.0077EPSS
Exploits0References2
Rows per page
Query Builder