12 matches found
pgAdmin 4 - Authentication Bypass
pgAdmin 4 versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. id: CVE-2024-9014 info: name: pgAdmin 4 - Authentication Bypass author...
Exploit for CVE-2024-9014
CVE-2024-9014 - pgAdmin 4 OAuth2 Authentication Bypass Exploit...
Fedora: Security Advisory (FEDORA-2024-4944ad2c87)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
pgadmin4-9.2-1.1 on GA media (moderate)
pgadmin4-9.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:14983-1 Rating: moderate Cross-References: CVE-2024-6238 CVE-2024-9014 CVE-2025-2945 CVE-2025-2946 CVSS scores: CVE-2024-6238 SUSE : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-9014 SUSE : 8...
Fedora 41 : pgadmin4 (2024-4944ad2c87)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4944ad2c87 advisory. Fix CVE-2024-9014. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
K000148478: PostgreSQL pgAdmin vulnerability CVE-2024-9014
Security Advisory Description pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. CVE-2024-9014 Impact There is no impact; F...
SUSE SLED15: pgadmin4 / pgadmin4-cloud / pgadmin4-desktop / pgadmin4-doc / etc (SUSE-SU-2024:3771-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3771-1 advisory. - CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 - CVE-2024-38998: Fixed...
openSUSE Security Advisory (SUSE-SU-2024:3771-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3771-1 Security update for pgadmin4
This update for pgadmin4 fixes the following issues: - CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 - CVE-2024-38998: Fixed requirejs: prototype pollution via function config bsc1227248 - CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts..configur...
Fedora: Security Advisory (FEDORA-2024-126d22c121)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-9014
creationtimestamp| type| source ---|---|--- 2024-09-23 19:39:54+00:00| seen| https://t.me/cvedetector/6195 2024-09-25 08:46:00+00:00| seen| https://t.me/CyberBulletin/882 2024-09-25 09:57:05+00:00| published-proof-of-concept| https://t.me/HackingInsights/14234 2024-09-25 10:10:53+00:00| seen|...
CVE-2024-9014 OAuth2 client id and secret exposed through the web browser in pgAdmin 4
pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data...