SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via improper handling of user-supplied input in the SelectSQL process and other query construction logic. An attacker can execute arbitrary SQL commands on the underlying database by supplying crafted values in HTTP reques...

pREST has a Systemic SQL Injection Vulnerability

Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that...

GHSA-P46V-F2X8-QP98 pREST has a Systemic SQL Injection Vulnerability

Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that...

PT-2025-36628

Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that...

Malicious code in elara-postgres-auth-rigel (npm)

The package elara-postgres-auth-rigel was found to contain malicious code...

Malicious code in lint-gulp-prompts-postgres (npm)

The package lint-gulp-prompts-postgres was found to contain malicious code...

Malicious code in perseus-postgres-jwt-config (npm)

The package perseus-postgres-jwt-config was found to contain malicious code...

Malicious code in postgres-futurology-standard-postcss (npm)

The package postgres-futurology-standard-postcss was found to contain malicious code...

Malicious code in postgres-stratosphere-draco-wolf (npm)

The package postgres-stratosphere-draco-wolf was found to contain malicious code...

Malicious code in zenith-virtualreality-postgres-hydrogeology (npm)

The package zenith-virtualreality-postgres-hydrogeology was found to contain malicious code...

MAL-2025-45033 Malicious code in lint-gulp-prompts-postgres (npm)

The package lint-gulp-prompts-postgres was found to contain malicious code...

MAL-2025-44116 Malicious code in elara-postgres-auth-rigel (npm)

The package elara-postgres-auth-rigel was found to contain malicious code...

MAL-2025-45579 Malicious code in postgres-futurology-standard-postcss (npm)

The package postgres-futurology-standard-postcss was found to contain malicious code...

MAL-2025-46173 Malicious code in supernova-indus-postgres-augmentedreality (npm)

The package supernova-indus-postgres-augmentedreality was found to contain malicious code...

MAL-2025-46872 Malicious code in zenith-virtualreality-postgres-hydrogeology (npm)

The package zenith-virtualreality-postgres-hydrogeology was found to contain malicious code...

MAL-2025-45580 Malicious code in postgres-stratosphere-draco-wolf (npm)

The package postgres-stratosphere-draco-wolf was found to contain malicious code...

MAL-2025-45542 Malicious code in perseus-postgres-jwt-config (npm)

The package perseus-postgres-jwt-config was found to contain malicious code...

Oracle Linux 8 : postgresql:12 (ELSA-2025-15115)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15115 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 12.22-5 - Fix previous Backport 12.22-4 - Backport CVE-2025-8715 Tenable has extracted the preceding...

Oracle Linux 8 : postgresql:13 (ELSA-2025-15021)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15021 advisory. pgaudit 1.5.0-1 - Update to version 1.5.0 Related: 1855776 pgrepack 1.4.6-3 - Release bump - enable gating 1.4.6-2 - Rebuild - Resolves:1954442 1.4.6-...

Linux Distros Unpatched Vulnerability : CVE-2017-16082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2...