CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

153 matches found

NVD•added 2026/06/21 2:16 p.m.•8 views

CVE-2026-56239

Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.applyusageoverage SECURITY DEFINER function, which performs sensitive billing operations without enforcing internal authorization checks no validation of auth.uid, org membership, or checkminrights. Becaus...

7.6CVSS0.00199EPSS

Exploits0References2

ATTACKERKB•added 2026/06/21 1:26 p.m.•4 views

CVE-2026-56239

7.6CVSS6AI score0.00199EPSS

Exploits0References3

Cvelist•added 2026/06/21 1:26 p.m.•28 views

CVE-2026-56239 Capgo - Privilege Escalation via SECURITY DEFINER Function apply_usage_overage

7.6CVSS0.00199EPSS

Exploits0References2

CVE•added 2026/06/21 1:26 p.m.•11 views

CVE-2026-56239

Capgo CVE-2026-56239 affects Capgo before 12.128.2. The vulnerability lies in the public.apply_usage_overage SECURITY DEFINER function, which performs billing operations without validating authorization (no auth.uid(), org membership, or check_min_rights). Because the function runs with the owner...

7.6CVSS6AI score0.00199EPSS

Exploits0References2

EUVD•added 2026/06/21 1:26 p.m.•6 views

EUVD-2026-38166

7.6CVSS6AI score0.00199EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability in PostgresSQL 11

Incomplete tracking of tables with row security in PostgreSQL allows a reused query to view or modify different rows than intended. CVE-2023-2455 and CVE-2016-2193 addressed most issues related to interactions between row security and changes to user IDs. However, they did not cover cases where a...

5.4CVSS6.5AI score0.00786EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability in PostgresSQL 11

The vulnerability of the SECURITY DEFINER function in a relational database management system like PostgreSQL is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS5.8AI score

Exploits0References1

OSV•added 2026/04/03 1:27 p.m.•4 views

JLSEC-2026-41

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security...

5.4CVSS5.9AI score0.00694EPSS

Exploits0References6

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 4 : postgresql-8.4.20-8.0.1.AXS4 (AXSA:2021-1754:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1754:02 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...

8.8CVSS8.1AI score0.4644EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 11:27 a.m.•5 views

CVE-2021-33204

In the pgpartman aka PG Partition Manager extension before 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because an explicit searchpath is not set...

9.8CVSS7.7AI score0.022EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•14 views

EUVD-2021-19916

Malware in sbrugna...

9.8CVSS9.3AI score0.022EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2004-1367

Malware in sbrugna...

7.5CVSS6.2AI score0.03856EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2010-3760

Malware in sbrugna...

6CVSS6.4AI score0.01573EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2007-2133

Malware in sbrugna...

6CVSS7.4AI score0.03184EPSS

Exploits0References38

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2012-0891

Malware in sbrugna...

6.5CVSS8.7AI score0.03625EPSS

Exploits1References23

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-33940

Malicious code in bioql PyPI...

5.4CVSS6.4AI score0.00694EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-45636

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00759EPSS

Exploits0References1

Tenable Nessus•added 2025/08/30 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2021-33204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the pgpartman aka PG Partition Manager extension before 4.5.1 for PostgreSQL, arbitrary code execution can be achieved via SECURITY DEFINER functions because...

9.8CVSS8.3AI score0.022EPSS

Exploits0References2

Tenable Nessus•added 2025/08/20 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2019-10208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitra...

8.8CVSS7.8AI score0.0217EPSS

Exploits0References2

Tenable Nessus•added 2025/08/18 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2024-10976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and...

7.5CVSS6.3AI score0.01807EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by