Lucene search
K

195 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-48286

Malicious code in bioql PyPI...

8.8CVSS7.5AI score0.01565EPSS
Exploits0References1
Redos
Redos
added 2025/09/23 12:0 a.m.5 views

ROS-20250923-11

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
Redos
Redos
added 2025/09/23 12:0 a.m.3 views

ROS-20250923-10

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

8.8CVSS8.2AI score0.00709EPSS
Exploits1
OSV
OSV
added 2025/09/12 2:24 p.m.4 views

OESA-2025-2240 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

8.8CVSS8.2AI score0.00709EPSS
Exploits1References4
Redos
Redos
added 2025/09/12 12:0 a.m.5 views

ROS-20250912-06

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS
Exploits0
Mageia
Mageia
added 2025/09/08 7:35 p.m.13 views

Updated postgresql15 & postgresql13 packages fix security vulnerabilities

PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. CVE-2025-8713 PostgreSQL pgdump lets superuser of origin server execute arbitrary code in psql client. CVE-2025-8714 PostgreSQL pgdump newline in object name executes arbitrary code in psql client an...

8.8CVSS7.9AI score0.00709EPSS
Exploits1References2
OSV
OSV
added 2025/09/08 7:35 p.m.4 views

MGASA-2025-0230 Updated postgresql15 & postgresql13 packages fix security vulnerabilities

PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table. CVE-2025-8713 PostgreSQL pgdump lets superuser of origin server execute arbitrary code in psql client. CVE-2025-8714 PostgreSQL pgdump newline in object name executes arbitrary code in psql client an...

8.8CVSS7.7AI score0.00709EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/09/08 12:0 a.m.6 views

Alibaba Cloud Linux 3 : 0150: postgresql:13 (ALINUX3-SA-2025:0150)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0150 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-8714: Untrusted data inclusion in...

8.8CVSS7.7AI score0.0257EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/09/05 12:0 a.m.4 views

Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL14-2025-019 (ALASPOSTGRESQL14-2025-019)

The version of postgresql installed on the remote host is prior to 14.19-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2025-019 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access...

8.8CVSS7.5AI score0.0257EPSS
Exploits2References8
Microsoft CVE
Microsoft CVE
added 2025/09/04 7:9 a.m.4 views

PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server

...

8.8CVSS7AI score0.00385EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 7:3 a.m.4 views

PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client

...

8.8CVSS7AI score0.00709EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2025/09/02 11:0 a.m.7 views

postgresql: PostgreSQL code execution in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...

8.8CVSS7.8AI score0.00709EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-8714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the...

8.8CVSS7.4AI score0.00709EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

SUSE SLES15: postgresql14 / postgresql14-contrib / postgresql14-devel / etc (SUSE-SU-2025:03019-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03019-1 advisory. Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child...

8.8CVSS7.4AI score0.00709EPSS
Exploits1References10
OSV
OSV
added 2025/08/29 3:13 p.m.3 views

SUSE-SU-2025:03031-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...

8.8CVSS6.3AI score0.00709EPSS
Exploits1References7
SUSE Linux
SUSE Linux
added 2025/08/29 8:32 a.m.3 views

Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...

8.8CVSS7.8AI score0.00709EPSS
Exploits1References12
OSV
OSV
added 2025/08/29 8:32 a.m.1 views

SUSE-SU-2025:03020-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...

8.8CVSS7.8AI score0.00709EPSS
Exploits1References7
SUSE Linux
SUSE Linux
added 2025/08/29 8:31 a.m.2 views

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...

8.8CVSS7.8AI score0.00709EPSS
Exploits1References12
OSV
OSV
added 2025/08/27 1:42 p.m.4 views

SUSE-SU-2025:03004-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...

8.8CVSS7.7AI score0.00709EPSS
Exploits1References7
SUSE Linux
SUSE Linux
added 2025/08/27 1:42 p.m.2 views

Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.22: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code in...

8.8CVSS8AI score0.00709EPSS
Exploits1References12
Rows per page
Query Builder