CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13317 matches found

The Hacker News•added 2025/02/14 5:3 a.m.•32 views

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access PRA and Remote Support RS products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The vulnerability,...

9.8CVSS9.5AI score0.95151EPSS

Exploits16

SUSE CVE•added 2025/02/14 3:52 a.m.•5 views

SUSE CVE-2025-1094

Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the...

8.8CVSS8.2AI score0.89472EPSS

Exploits10References26

OpenVAS•added 2025/02/14 12:0 a.m.•13 views

Debian: Security Advisory (DLA-4052-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.89472EPSS

Exploits10References2

OpenVAS•added 2025/02/14 12:0 a.m.•26 views

PostgreSQL SQLi Vulnerability (Feb 2025) - Linux

PostgreSQL is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql...

9.8CVSS9.1AI score0.89472EPSS

Exploits14References3

OpenVAS•added 2025/02/14 12:0 a.m.•25 views

PostgreSQL SQLi Vulnerability (Feb 2025) - Windows

9.8CVSS9.1AI score0.89472EPSS

Exploits14References3

Tenable Nessus•added 2025/02/14 12:0 a.m.•6 views

Azure Linux 3.0 Security Update: postgresql (CVE-2024-4317)

The version of postgresql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4317 advisory. - Missing authorization in PostgreSQL built-in views pgstatsext and pgstatsextexprs allows an unprivileged...

4.3CVSS6.6AI score0.00722EPSS

Exploits0References2

Debian•added 2025/02/13 8:8 p.m.•84 views

[SECURITY] [DLA 4052-1] postgresql-13 security update

Debian LTS Advisory DLA-4052-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón February 13, 2025 https://wiki.debian.org/LTS Package : postgresql-13 Version : 13.19-0+deb11u1 CVE ID : CVE-2025-1094 A security issue was discovered in the PostgreSQL database...

8.1CVSS7.3AI score0.89472EPSS

Exploits10

Rapid7 Blog•added 2025/02/13 3:7 p.m.•90 views

CVE-2025-1094: PostgreSQL psql SQL injection (FIXED)

Rapid7 discovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting the PostgreSQL interactive tool psql. This discovery was made while Rapid7 was performing research into the recent exploitation of CVE-2024-12356 — an unauthenticated remote code execution RCE vulnerability th...

9.8CVSS9.2AI score0.89472EPSS

Exploits14

Rapid7 Blog•added 2025/02/13 3:7 p.m.•5 views

CVE-2025-1094: PostgreSQL psql SQL injection (FIXED)

9.8CVSS9.8AI score0.89472EPSS

Exploits14