1152 matches found
Oracle Linux 8 : postgresql:16 (ELSA-2025-14899)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14899 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1...
postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table
An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...
CVE-2025-55283
aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows elevation to superuser inside PostgreSQL databases during a migration from an untrusted source server. The vulnerability stems from psql executing commands embedded in a...
Linux Distros Unpatched Vulnerability : CVE-2023-39417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct...
Linux Distros Unpatched Vulnerability : CVE-2025-4207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte...
CVE-2025-55282 aiven-db-migrate allows Privilege Escalation via unrestricted search_path during migration
aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of search_path restriction, an attacke...
Linux Distros Unpatched Vulnerability : CVE-2023-2454
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated...
Linux Distros Unpatched Vulnerability : CVE-2024-10979
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PAT...
Malicious code in levels-postgres-io-grus (npm)
The package levels-postgres-io-grus was found to contain malicious code...
Malicious code in avior-halley-postgres-lynx (npm)
The package avior-halley-postgres-lynx was found to contain malicious code...
Malicious code in celeste-testcafe-postgres-unuk (npm)
The package celeste-testcafe-postgres-unuk was found to contain malicious code...
Malicious code in mantle-async-nebula-postgres (npm)
The package mantle-async-nebula-postgres was found to contain malicious code...
Malicious code in mocha-helios-postgres-registry (npm)
The package mocha-helios-postgres-registry was found to contain malicious code...
Malicious code in paleoecology-comet-postgres-blazar (npm)
The package paleoecology-comet-postgres-blazar was found to contain malicious code...
Malicious code in paleomagnetism-postgres-aether-stop (npm)
The package paleomagnetism-postgres-aether-stop was found to contain malicious code...
Malicious code in postgres-astroinformatics-janus-mocha (npm)
The package postgres-astroinformatics-janus-mocha was found to contain malicious code...
Malicious code in postgres-child-process-package-arcturus (npm)
The package postgres-child-process-package-arcturus was found to contain malicious code...
Malicious code in astro-postgres-init-oauth (npm)
The package astro-postgres-init-oauth was found to contain malicious code...
MAL-2025-23184 Malicious code in indus-postgres-avior-node-config (npm)
The package indus-postgres-avior-node-config was found to contain malicious code...
MAL-2025-16706 Malicious code in celeste-testcafe-postgres-unuk (npm)
The package celeste-testcafe-postgres-unuk was found to contain malicious code...