Lucene search
K

12 matches found

Nuclei
Nuclei
added yesterday56 views

pgAdmin 4 - Authentication Bypass

pgAdmin 4 versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. id: CVE-2024-9014 info: name: pgAdmin 4 - Authentication Bypass author...

9.9CVSS6.6AI score0.09685EPSS
Exploits2References3
GithubExploit
GithubExploit
added 2025/07/08 11:12 a.m.150 views

Exploit for CVE-2024-9014

CVE-2024-9014 - pgAdmin 4 OAuth2 Authentication Bypass Exploit...

9.9CVSS6.2AI score0.09685EPSS
Exploits2
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2024-4944ad2c87)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS6.5AI score0.09685EPSS
Exploits2References3
OPENSUSE Linux
OPENSUSE Linux
added 2025/04/11 12:0 a.m.6 views

pgadmin4-9.2-1.1 on GA media (moderate)

pgadmin4-9.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:14983-1 Rating: moderate Cross-References: CVE-2024-6238 CVE-2024-9014 CVE-2025-2945 CVE-2025-2946 CVSS scores: CVE-2024-6238 SUSE : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-9014 SUSE : 8...

9.9CVSS7.4AI score0.46222EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.10 views

Fedora 41 : pgadmin4 (2024-4944ad2c87)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4944ad2c87 advisory. Fix CVE-2024-9014. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

9.9CVSS5.5AI score0.09685EPSS
Exploits2References2
F5 Networks
F5 Networks
added 2024/11/11 3:1 a.m.30 views

K000148478: PostgreSQL pgAdmin vulnerability CVE-2024-9014

Security Advisory Description pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. CVE-2024-9014 Impact There is no impact; F...

9.9CVSS6.3AI score0.09685EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/10/31 12:0 a.m.15 views

SUSE SLED15: pgadmin4 / pgadmin4-cloud / pgadmin4-desktop / pgadmin4-doc / etc (SUSE-SU-2024:3771-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3771-1 advisory. - CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 - CVE-2024-38998: Fixed...

10CVSS7AI score0.09685EPSS
Exploits9References29
OpenVAS
OpenVAS
added 2024/10/30 12:0 a.m.31 views

openSUSE Security Advisory (SUSE-SU-2024:3771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.09685EPSS
Exploits9References13
OSV
OSV
added 2024/10/29 12:55 p.m.33 views

SUSE-SU-2024:3771-1 Security update for pgadmin4

This update for pgadmin4 fixes the following issues: - CVE-2024-38355: Fixed socket.io: unhandled 'error' event bsc1226967 - CVE-2024-38998: Fixed requirejs: prototype pollution via function config bsc1227248 - CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts..configur...

10CVSS6.5AI score0.09685EPSS
Exploits9References21
OpenVAS
OpenVAS
added 2024/10/04 12:0 a.m.16 views

Fedora: Security Advisory (FEDORA-2024-126d22c121)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS6.5AI score0.09685EPSS
Exploits2References3
Circl
Circl
added 2024/09/23 7:39 p.m.74 views

CVE-2024-9014

creationtimestamp| type| source ---|---|--- 2024-09-23 19:39:54+00:00| seen| https://t.me/cvedetector/6195 2024-09-25 08:46:00+00:00| seen| https://t.me/CyberBulletin/882 2024-09-25 09:57:05+00:00| published-proof-of-concept| https://t.me/HackingInsights/14234 2024-09-25 10:10:53+00:00| seen|...

9.9CVSS6.5AI score0.09685EPSS
In wildExploits2References19
Cvelist
Cvelist
added 2024/09/23 5:4 p.m.79 views

CVE-2024-9014 OAuth2 client id and secret exposed through the web browser in pgAdmin 4

pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data...

9.9CVSS0.09685EPSS
Exploits2References1
Rows per page
Query Builder