Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.13 views

CVE-2026-9617

A flaw was found in PostgreSQL Anonymizer. A user with specific table creation privileges can exploit this vulnerability by embedding malicious code within a column identifier when creating a table. If a superuser subsequently invokes the k-anonymity function, the embedded malicious code is...

8.8CVSS5.3AI score0.0025EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/27 1:55 p.m.9 views

CVE-2026-9617 PostgreSQL Anonymizer: malicious column name allows SQL injection via anon.k_anonymity() function

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

6.8CVSS5.9AI score0.0025EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-16082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2...

9.8CVSS8.9AI score0.10513EPSS
Exploits1References2
OSV
OSV
added 2022/08/03 7:15 p.m.2 views

DEBIAN-CVE-2022-31197

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contain...

8CVSS7AI score0.01662EPSS
Exploits1References1
NVD
NVD
added 2018/06/07 2:29 a.m.28 views

CVE-2017-16082

A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1 Executing unsafe, user-supplied sql which contains a malicious column name. 2...

9.8CVSS9.7AI score0.10513EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2018/06/07 2:29 a.m.18 views

CVE-2017-16082

A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1 Executing unsafe, user-supplied sql which contains a malicious column name. 2...

9.8CVSS7.7AI score0.10513EPSS
Exploits1References2
OSV
OSV
added 2018/06/07 2:29 a.m.7 views

UBUNTU-CVE-2017-16082

A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1 Executing unsafe, user-supplied sql which contains a malicious column name. 2...

9.8CVSS6.4AI score0.10513EPSS
Exploits1References3
Rows per page
Query Builder