Lucene search
K

182 matches found

Github Security Blog
Github Security Blog
added 2025/11/13 3:30 p.m.7 views

pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.8CVSS7.8AI score0.12384EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/11/13 3:30 p.m.5 views

EUVD-2025-169296

pgAdmin4 vulnerable to Remote Code Execution RCE when running in server mode...

9.1CVSS6.8AI score0.12384EPSS
Exploits1References3
OSV
OSV
added 2025/11/13 3:30 p.m.4 views

GHSA-W2P4-P4RH-QCM3 pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS7.7AI score0.12384EPSS
Exploits1References4
NVD
NVD
added 2025/11/13 1:15 p.m.7 views

CVE-2025-12762

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.8CVSS0.12384EPSS
Exploits1References1
CVE
CVE
added 2025/11/13 1:0 p.m.101 views

CVE-2025-12762

CVE-2025-12762 affects pgAdmin 4 up to v9.9 when running in server mode and performing restores from PLAIN-format dumps, enabling remote code execution via injected commands on the host. Public advisories and Nessus/GHSA entries confirm this is a critical RCE with network access, low complexity, ...

9.8CVSS7.3AI score0.12384EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/13 1:0 p.m.1 views

CVE-2025-12762 Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode (pgAdmin 4)

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS7.4AI score0.12384EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/13 1:0 p.m.15 views

CVE-2025-12762 Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode (pgAdmin 4)

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS0.12384EPSS
Exploits1References1
OSV
OSV
added 2025/11/13 1:0 p.m.3 views

CVE-2025-12762 Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode (pgAdmin 4)

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS6.4AI score0.12384EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.5 views

pgAdmin 安全漏洞

pgAdmin is pgAdmin open source an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin 9.9 and earlier versions, which stems from improper handling of PLAIN-format dump files in server mode, and could lead to remote co...

9.8CVSS7.7AI score0.12384EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.8 views

PT-2025-46819

Name of the Vulnerable Software and Affected Versions pgAdmin versions up to 9.9 Description pgAdmin is susceptible to a Remote Code Execution RCE issue that arises when operating in server mode and restoring from PLAIN-format dump files. This flaw allows attackers to inject and execute arbitrary...

9.8CVSS6.4AI score0.12384EPSS
Exploits1References51
SUSE CVE
SUSE CVE
added 2025/10/24 11:23 p.m.5 views

SUSE CVE-2025-59163

vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE...

2.1CVSS6.8AI score0.0038EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2002-1634

Malware in sbrugna...

5CVSS6.4AI score0.01078EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/07/07 12:0 a.m.9 views

The vulnerability of the LDAP authentication configuration in Server Mode of the pgAdmin 4 database management tool allows a hacker to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the LDAP authentication configuration in the Server Mode mode of the pgAdmin 4 database management tool is related to improper session fixation due to incorrect access control. Exploiting this vulnerability can allow an attacker to bypass security restrictions and gain...

8CVSS5.5AI score0.00447EPSS
Exploits0References8Affected Software2
Redos
Redos
added 2025/07/03 12:0 a.m.6 views

ROS-20250703-01

Vulnerability in Server Mode LDAP authentication configuration of database management tool pgAdmin 4 is related to incorrect session commit as a result of improper access delimitation. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the security restrictions...

8CVSS7.8AI score0.00447EPSS
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2025/06/08 12:0 a.m.3 views

VulnCheck KEV: CVE-2023-47105

exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...

8.6CVSS6AI score0.01669EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:57 a.m.7 views

CVE-2023-47105

exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication...

8.6CVSS7.1AI score0.01669EPSS
Exploits0References1
OSV
OSV
added 2025/04/11 1:43 p.m.3 views

OESA-2025-1397 openvpn security update

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...

7.5CVSS6.7AI score0.00815EPSS
Exploits0References2
OSV
OSV
added 2025/04/11 1:43 p.m.4 views

OESA-2025-1396 openvpn security update

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the...

7.5CVSS6.7AI score0.00815EPSS
Exploits0References2
OSV
OSV
added 2025/04/02 9:15 p.m.3 views

DEBIAN-CVE-2025-2704

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...

7.5CVSS6.5AI score0.00815EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/04/02 9:0 p.m.9 views

CVE-2025-2704

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...

7.5CVSS7.4AI score0.00815EPSS
Exploits0
Rows per page
Query Builder