Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13314 matches found

Vulnrichment
Vulnrichmentadded 2025/07/03 11:20 a.m.3 views

CVE-2025-1709 CVE-2025-1709

Several credentials for the local PostgreSQL database are stored in plain text partially base64 encoded...

6.5CVSS6.8AI score0.00337EPSS
Exploits0References6
Cvelist
Cvelistadded 2025/07/03 11:20 a.m.21 views

CVE-2025-1709 CVE-2025-1709

Several credentials for the local PostgreSQL database are stored in plain text partially base64 encoded...

6.5CVSS0.00337EPSS
Exploits0References6
CVE
CVEadded 2025/07/03 11:20 a.m.28 views

CVE-2025-1709

CVE-2025-1709 concerns Endress+Hauser MEAC300-FNADE4: information disclosure caused by local PostgreSQL credentials stored in plaintext (partially base64 encoded). Several connected sources reiterate that credentials are exposed, impacting confidentiality. Root cause: credentials stored in plaint...

6.5CVSS6.3AI score0.00337EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2025/07/03 11:18 a.m.6 views

CVE-2025-1708 CVE-2025-1708

The application is vulnerable to SQL injection attacks. An attacker is able to dump the PostgreSQL database and read its content...

8.6CVSS0.00394EPSS
Exploits0References6
CVE
CVEadded 2025/07/03 11:18 a.m.26 views

CVE-2025-1708

CVE-2025-1708 affects the Endress+Hauser MEAC300-FNADE4 (Endress+Hauser) through an SQL injection vulnerability. The included documents consistently describe that an attacker can exploit improper validation to dump/read data from the PostgreSQL back-end database (and potentially view/add/modify/d...

8.6CVSS7.3AI score0.00394EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 2025/07/03 11:18 a.m.3 views

CVE-2025-1708 CVE-2025-1708

The application is vulnerable to SQL injection attacks. An attacker is able to dump the PostgreSQL database and read its content...

8.6CVSS8AI score0.00394EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/07/03 1:19 a.m.11 views

CVE-2025-53005

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has...

9.8CVSS7.1AI score0.00522EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/07/03 12:0 a.m.4 views

PT-2025-27770

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The application is vulnerable to SQL injection attacks, allowing an attacker to dump the PostgreSQL database and read its content. Recommendations: At the moment, there is no information abo...

8.6CVSS5.9AI score0.00394EPSS
Exploits0References14
CNNVD
CNNVDadded 2025/07/03 12:0 a.m.9 views

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from an information disclosure vulnerability that originates from local PostgreSQL database credentials stored in plaintext. An attacker...

6.5CVSS5.7AI score0.00337EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2025/07/03 12:0 a.m.2 views

PT-2025-27772

Name of the Vulnerable Software and Affected Versions: PostgreSQL affected versions not specified Description: The issue involves several credentials for the local PostgreSQL database being stored in plain text, with some partially base64 encoded. Recommendations: At the moment, there is no...

6.8CVSS5.4AI score0.00337EPSS
Exploits0References12
OSV
OSVadded 2025/07/03 12:0 a.m.2 views

OPENSUSE-SU-2025:15264-1 postgresql-jdbc-42.7.7-1.1 on GA media

These are all security issues fixed in the postgresql-jdbc-42.7.7-1.1 package on the GA media of openSUSE Tumbleweed...

8.2CVSS7.2AI score0.00461EPSS
Exploits0References1
NVD
NVDadded 2025/07/02 3:15 p.m.3 views

CVE-2025-53006

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference li...

9.8CVSS0.00543EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/07/02 2:22 p.m.6 views

CVE-2025-53006 Dataease PostgreSQL & Redshift Data Source JDBC Connection Parameters Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference li...

9.3CVSS0.00543EPSS
Exploits1References1
CVE
CVEadded 2025/07/02 2:22 p.m.20 views

CVE-2025-53006

DataEase before version 2.10.11 vulnerable due to improper handling of SSL-related JDBC connection parameters (sslfactory, sslfactoryarg, sslhostnameverifier, sslpasswordcallback, authenticationPluginClassName) which must be triggered after the connection is established. This affects PostgreSQL a...

9.8CVSS6.3AI score0.00543EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/07/02 2:22 p.m.4 views

CVE-2025-53006 Dataease PostgreSQL & Redshift Data Source JDBC Connection Parameters Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference li...

9.3CVSS6.4AI score0.00543EPSS
Exploits1References1
OSV
OSVadded 2025/07/02 2:22 p.m.3 views

CVE-2025-53006 Dataease PostgreSQL & Redshift Data Source JDBC Connection Parameters Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference li...

9.3CVSS6.7AI score0.00543EPSS
Exploits1References3
CNNVD
CNNVDadded 2025/07/02 12:0 a.m.2 views

DataEase 安全漏洞

DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. A security vulnerability exists in DataEase versions prior to 2.10.11 that stem...

9.8CVSS6.6AI score0.00543EPSS
Exploits1References1
NVD
NVDadded 2025/07/01 1:15 a.m.9 views

CVE-2025-53005

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has...

9.8CVSS0.00522EPSS
Exploits1References1
CVE
CVEadded 2025/07/01 12:33 a.m.27 views

CVE-2025-53005

DataEase (open source BI tool) is affected by CVE-2025-53005 prior to version 2.10.11 due to a bypass vulnerability in the PostgreSQL Data Source JDBC Connection Parameters. Specifically, the sslfactory and sslfactoryarg parameters could trigger the bypass. The issue has been fixed in version 2.1...

9.8CVSS6.4AI score0.00522EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/07/01 12:33 a.m.2 views

CVE-2025-53005 Dataease PostgreSQL Data Source JDBC Connection Parameters Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has...

9.3CVSS7AI score0.00522EPSS
Exploits1References1
Rows per page
Query Builder