CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

558 matches found

Tenable Nessus•added 2026/01/08 12:0 a.m.•1 views

RHEL 8 : postgresql:13 (RHSA-2026:0265)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0265 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: CREATE STATISTICS does not check fo...

5.9CVSS5.7AI score0.00301EPSS

Exploits0References7

RedhatCVE•added 2026/01/07 9:12 a.m.•21 views

CVE-2025-1731

An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting...

7.8CVSS7.7AI score0.0093EPSS

Exploits2References1

Tenable Nessus•added 2025/12/08 12:0 a.m.•8 views

Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL14-2025-021 (ALASPOSTGRESQL14-2025-021)

The version of postgresql installed on the remote host is prior to 14.20-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2025-021 advisory. Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of...

5.9CVSS5.8AI score0.00301EPSS

Exploits0References6

Tenable Nessus•added 2025/12/03 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-13372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. FilteredRelation is subject to SQL injection in column aliases, using a...

4.3CVSS7.3AI score0.0087EPSS

Exploits0References2

RedhatCVE•added 2025/11/27 12:58 a.m.•9 views

CVE-2025-66260

PostgreSQL SQL Injection statussql.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform SQL injection via sw1 and sw2 parameters in statussql.php. The statussql.php endpoint constructs...

7.2CVSS8.3AI score0.00268EPSS

Exploits1References1

Tenable Nessus•added 2025/11/20 12:0 a.m.•4 views

TencentOS Server 4: postgresql16 (TSSA-2024:0908)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0908 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.8CVSS7.3AI score0.04422EPSS

Exploits1References5

Tenable Nessus•added 2025/11/20 12:0 a.m.•4 views

TencentOS Server 4: postgresql (TSSA-2025:0369)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0369 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

5.9CVSS6.7AI score0.00612EPSS

Exploits0References2

IBM Security Bulletins•added 2025/10/31 6:37 p.m.•20 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to various issues in postgresql

Summary IBM Watson Speech Services Cartridge is vulnerable to various issues in postgresql please see below. Postgresql is used in our speech utilities. This vulnerabilitiy has been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2023-39417 DESCRIPTION: I...

8.8CVSS8.3AI score0.89472EPSS

Exploits11Affected Software1

Tenable Nessus•added 2025/10/22 12:0 a.m.•5 views

TencentOS Server 2: postgresql (TSSA-2025:0806)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0806 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

8.8CVSS7.5AI score0.00709EPSS

Exploits1References2

Tenable Nessus•added 2025/10/16 12:0 a.m.•5 views

TencentOS Server 3: postgresql:16 (TSSA-2025:0781)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0781 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.7AI score0.0257EPSS

Exploits2References4

Kaspersky•added 2025/10/13 12:0 a.m.•5 views

KLA90145 Multiple vulnerabilities in PostgreSQL

Multiple vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Missing authorization vulnerability in PostgreSQL CREATE STATISTICS command can be exploited to cause denial of service...

5.9CVSS6.7AI score0.00301EPSS

Exploits0References4

IBM Security Bulletins•added 2025/10/07 7:14 a.m.•6 views

Security Bulletin: IBM Connect:Direct Web Services is affected by a PostgreSQL vulnerability (CVE-2025-49146)

Summary IBM Connect:Direct Web Services has addressed a PostgreSQL vulnerability. Vulnerability Details CVEID:CVE-2025-49146 DESCRIPTION: pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to requir...

8.2CVSS6.7AI score0.00461EPSS

Exploits0Affected Software1