CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...

8.8CVSS6.1AI score0.25922EPSS

Exploits2References4

NVD•added 2025/09/25 5:15 p.m.•3 views

CVE-2025-34227

8.8CVSS0.25922EPSS

Exploits2References4

RedHat Linux•added 2025/09/22 11:39 p.m.•6 views

pgjdbc: pgjdbc insecure authentication in channel binding

A connection handling flaw was found in the pgjdbc connection driver in configurations that require channel binding. Connections created with authentication methods that should not allow channel binding permit connections to use channel binding. This flaw allows attackers to position themselves i...

8.2CVSS5.8AI score0.00457EPSS

Exploits0References6

Redos•added 2025/09/12 12:0 a.m.•3 views

ROS-20250912-03

Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...

8.8CVSS8AI score0.00385EPSS

Exploits0

Snyk•added 2025/09/08 9:48 p.m.•2 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via improper handling of user-supplied input in the SelectSQL process and other query construction logic. An attacker can execute arbitrary SQL commands on the underlying database by supplying crafted values in HTTP reques...

9.8CVSS8AI score0.00341EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by