Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2025/05/28 12:0 a.m.8 views

Debian: Security Advisory (DLA-4180-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.01029EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.10 views

Debian dla-4180 : pgbouncer - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4180 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4180-1 [email protected]...

9.8CVSS7.6AI score0.01029EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2021-3935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When PgBouncer is configured to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established,...

8.1CVSS7.1AI score0.01029EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/14 12:0 a.m.24 views

Debian DLA-2922-1 : pgbouncer - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2922 advisory. It was found that PgBouncer, a PostgreSQL connection pooler, was susceptible to an arbitrary SQL injection attack if a man-in-the-middle could inject data when a connection...

8.1CVSS7.9AI score0.01029EPSS
Exploits0References5
CBLMariner
CBLMariner
added 2021/12/17 8:9 p.m.38 views

CVE-2021-3935 affecting package pgbouncer 1.11.0-2

CVE-2021-3935 affecting package pgbouncer 1.11.0-2. An upgraded version of the package is available that resolves this issue...

8.1CVSS7.4AI score0.01029EPSS
Exploits0
NVD
NVD
added 2021/11/22 4:15 p.m.16 views

CVE-2021-3935

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1...

8.1CVSS0.01029EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/11/22 3:59 p.m.45 views

CVE-2021-3935

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1...

8.2AI score0.01029EPSS
Exploits0References4
CVE
CVE
added 2021/11/22 3:59 p.m.123 views

CVE-2021-3935

CVE-2021-3935 affects PgBouncer when configured to use certificate authentication. A man-in-the-middle can inject arbitrary SQL queries at the first connection, even with TLS verification, in versions prior to 1.16.1. The root cause is not detailed in the initial document, but multiple connected ...

8.1CVSS7.8AI score0.01029EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2021/11/22 3:59 p.m.37 views

CVE-2021-3935

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1...

8.1CVSS8.1AI score0.01029EPSS
Exploits0
Rows per page
Query Builder