Lucene search

13313 matches found

OSV
added 2025/08/14 1:15 p.m. | 0 views

ALPINE-CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1 CVSS | 6.7 AI score | 0.00205 EPSS
Exploits 0 | References 1

OSV
added 2025/08/14 1:15 p.m. | 1 views

ALPINE-CVE-2025-8714

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

8.8 CVSS | 7.5 AI score | 0.00709 EPSS
Exploits 1 | References 1

UbuntuCve
added 2025/08/14 1:15 p.m. | 1 views

CVE-2025-8714

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

8.8 CVSS | 7.4 AI score | 0.00709 EPSS
Exploits 1 | References 4

UbuntuCve
added 2025/08/14 1:15 p.m. | 2 views

CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1 CVSS | 6.8 AI score | 0.00205 EPSS
Exploits 0 | References 4

UbuntuCve
added 2025/08/14 1:15 p.m. | 3 views

CVE-2025-8715

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8 CVSS | 7.5 AI score | 0.00385 EPSS
Exploits 0 | References 4

OSV
added 2025/08/14 1:15 p.m. | 5 views

UBUNTU-CVE-2025-8715

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8 CVSS | 7.6 AI score | 0.00385 EPSS
Exploits 0 | References 5

OSV
added 2025/08/14 1:15 p.m. | 2 views

UBUNTU-CVE-2025-8714

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

8.8 CVSS | 7.5 AI score | 0.00709 EPSS
Exploits 1 | References 5

OSV
added 2025/08/14 1:15 p.m. | 3 views

UBUNTU-CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1 CVSS | 7.1 AI score | 0.00205 EPSS
Exploits 0 | References 5

CVE
added 2025/08/14 1:0 p.m. | 114 views

CVE-2025-8714

CVE-2025-8714 affects PostgreSQL (and variants in related advisories) via Untrusted data inclusion in pg_dump, pg_dumpall, and pg_restore, allowing a malicious superuser to inject code during restore as the client OS account running psql. The issue arises from processing psql meta-commands in dum...

8.8 CVSS | 7.6 AI score | 0.00709 EPSS
Exploits 1 | References 1

Vulnrichment
added 2025/08/14 1:0 p.m. | 6 views

CVE-2025-8715 PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8 CVSS | 8.6 AI score | 0.00385 EPSS
Exploits 0 | References 1

Snyk
added 2025/08/14 1:0 p.m. | 2 views

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection in the restore process via psql meta-commands inside a purpose-crafted object name. An attacker can execute arbitrary code by injecting meta commands into the file, which can be executed by an unknowing user during the...

8.8 CVSS | 8 AI score | 0.00385 EPSS
Exploits 0 | References 2

CVE
added 2025/08/14 1:0 p.m. | 113 views

CVE-2025-8715

CVE-2025-8715 is a PostgreSQL vulnerability: improper neutralization of newlines in pg_dump allows restore-time code execution and potential SQL injection by a user on the origin server. It affects pg_dump, pg_dumpall, pg_restore, and pg_upgrade; vulnerable versions are PostgreSQL 17.6, 16.10, 15...

8.8 CVSS | 8.6 AI score | 0.00385 EPSS
Exploits 0 | References 1

Cvelist
added 2025/08/14 1:0 p.m. | 9 views

CVE-2025-8714 PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

8.8 CVSS | 0.00709 EPSS
Exploits 1 | References 1

Cvelist
added 2025/08/14 1:0 p.m. | 13 views

CVE-2025-8715 PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8 CVSS | 0.00385 EPSS
Exploits 0 | References 1

Snyk
added 2025/08/14 1:0 p.m. | 2 views

Inclusion of Functionality from Untrusted Control Sphere

Overview Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere when restoring from a plain-text dump file. An attacker can embed malicious psql meta-commands into dump files generated by pg_dump --format=plain, pg_dumpall, or pg_restore --file...

8.8 CVSS | 7.7 AI score | 0.00709 EPSS
Exploits 1 | References 2

AlpineLinux
added 2025/08/14 1:0 p.m. | 3 views

CVE-2025-8715

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8 CVSS | 8.7 AI score | 0.00385 EPSS
Exploits 0

Debian CVE
added 2025/08/14 1:0 p.m. | 4 views

CVE-2025-8714

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

8.8 CVSS | 7.2 AI score | 0.00709 EPSS
Exploits 1

Debian CVE
added 2025/08/14 1:0 p.m. | 6 views

CVE-2025-8715

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

8.8 CVSS | 7.2 AI score | 0.00385 EPSS
Exploits 0

CVE
added 2025/08/14 1:0 p.m. | 81 views

CVE-2025-8713

CVE-2025-8713 concerns PostgreSQL: attacker can read sampled statistics data (e.g., histograms, most-common-values) from columns via optimizer statistics, potentially bypassing view ACLs and row security policies in partitioning/inheritance hierarchies. Affected: PostgreSQL versions prior to 17.6...

3.1 CVSS | 7 AI score | 0.00205 EPSS
Exploits 0 | References 1

Cvelist
added 2025/08/14 1:0 p.m. | 8 views

CVE-2025-8713 PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

3.1 CVSS | 0.00205 EPSS
Exploits 0 | References 1