12 matches found
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
postgresql: PostgreSQL code execution in restore operation
A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...
CVE-2025-8714
Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also affected. pgrestore is affected...
CVE-2025-8714
CVE-2025-8714 affects PostgreSQL (and variants in related advisories) via Untrusted data inclusion in pg_dump, pg_dumpall, and pg_restore, allowing a malicious superuser to inject code during restore as the client OS account running psql. The issue arises from processing psql meta-commands in dum...
CVE-2025-48376
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser Host could craft a request to use an external url for a site export to then be imported. Version 9.13.9 fixes the issue...
GHSA-62MF-VHHW-XMF8 DNN site Import could use an external source with a crafted request
A malicious SuperUser Host could craft a request to use an external url for a site export to then be imported...
CVE-2025-48376 Dnn.Platform's Site Import could use an external source with a crafted request
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser Host could craft a request to use an external url for a site export to then be imported. Version 9.13.9 fixes the issue...
rsh Excessive Trust Vulnerability
Added: 01/25/2013 CVE: CVE-1999-0515 Background The rsh service allows remote users, using an rsh client, to execute individual shell commands on an rsh server without the need for a password. The rsh process uses the .rhosts file to list trusted hosts those machines allowed to use the service...