Lucene search
K

179 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-26958

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00618EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-21512

Malicious code in bioql PyPI...

2.7CVSS7.6AI score0.00256EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-0985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. T...

8CVSS7.8AI score0.01465EPSS
Exploits0References2
CNVD
CNVD
added 2025/07/21 12:0 a.m.5 views

Unspecified Vulnerability in Oracle Database Server (CNVD-2025-24075)

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Materialized View for Oracle Databas...

2.7CVSS6.7AI score0.00256EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/18 12:0 a.m.7 views

The vulnerability of the Oracle Database Materialized View component of the Oracle Database Server allows a attacker to gain access to read, modify, or delete data.

The vulnerability of the Oracle Database Materialized View component in the Oracle Database Server management system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, or delete data...

4CVSS7.2AI score0.00256EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/17 7:55 p.m.5 views

CVE-2025-50066

Vulnerability in the Oracle Database Materialized View component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Execute on DBMSREDEFINITION privilege with network...

2.7CVSS5.3AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2025/07/15 8:15 p.m.4 views

CVE-2025-50066

Vulnerability in the Oracle Database Materialized View component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Execute on DBMSREDEFINITION privilege with network...

2.7CVSS5.8AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2025/07/15 8:15 p.m.7 views

CVE-2025-50066

Vulnerability in the Oracle Database Materialized View component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Execute on DBMSREDEFINITION privilege with network...

2.7CVSS0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.5 views

Oracle Database Server 安全漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Materialized View for Oracle Databas...

2.7CVSS7.2AI score0.00256EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/15 12:0 a.m.5 views

PT-2025-29621 · Oracle · Oracle Database 23.4 +8

Name of the Vulnerable Software and Affected Versions: Oracle Database versions 19.3 through 19.27 Oracle Database versions 21.3 through 21.18 Oracle Database versions 23.4 through 23.8 Description: This issue affects the Oracle Database Materialized View component. A highly privileged attacker...

4CVSS7.2AI score0.00256EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.7 views

CVE-2023-22847

Information disclosure vulnerability exists in pgivm versions prior to 1.5.1. An Incrementally Maintainable Materialized View IMMV created by pgivm may reflect rows with Row-Level Security that the owner of the IMMV should not have access to. As a result, information in tables protected by...

4.3CVSS6.3AI score0.00618EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:16 a.m.11 views

CVE-2023-41116

An issue was discovered in EnterpriseDB Postgres Advanced Server EPAS before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It allows an authenticated user to refresh any materialized view, regardless of that user's permissions...

4.3CVSS6.7AI score0.00446EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:37 a.m.4 views

CVE-2023-23554

Uncontrolled search path element vulnerability exists in pgivm versions prior to 1.5.1. When refreshing an IMMV, pgivm executes functions without specifying schema names. Under certain conditions, pgivm may be tricked to execute unexpected functions from other schemas with the IMMV owner's...

8.8CVSS7.1AI score0.00939EPSS
Exploits0References1
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.8 views

PostgreSQL Vulnerable to Privileged Execution of Arbitrary SQL due to Late Privilege Drop in 'REFRESH MATERIALIZED VIEW CONCURRENTLY'

An authenticated attacker that has created a materialized view could run arbitrary SQL commands on a PostgreSQL server if a victim runs REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's view. If the victim is a superuser this could result in full compromise of the PostgreSQL server...

8CVSS7.7AI score0.01465EPSS
Exploits0
OSV
OSV
added 2024/11/22 2:22 p.m.14 views

OESA-2024-2430 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

8.8CVSS8.3AI score0.04422EPSS
Exploits1References6
OSV
OSV
added 2024/11/22 2:22 p.m.10 views

OESA-2024-2429 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

8.8CVSS8.3AI score0.04422EPSS
Exploits1References6
OSV
OSV
added 2024/11/22 2:22 p.m.2 views

OESA-2024-2428 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

8.8CVSS7.9AI score0.04422EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.18 views

CBL Mariner 2.0 Security Update: postgresql (CVE-2024-0985)

The version of postgresql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0985 advisory. - Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to...

8CVSS7.9AI score0.01465EPSS
Exploits0References2
OSV
OSV
added 2024/03/26 10:33 p.m.7 views

CLSA-2024-1711492417 Fix CVE(s): CVE-2024-0985

SECURITY UPDATE: Execution of arbitrary SQL functions as the command issuer because of late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY - debian/patches/CVE-2024-0985.patch: run REFRESH MATERIALIZED VIEW CONCURRENTLY in right security context - CVE-2024-0985...

8CVSS6AI score0.01465EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/03/20 9:41 a.m.5 views

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

A flaw was found in PostgreSQL. A late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL can allow an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling a safe refre...

8CVSS7.5AI score0.01465EPSS
Exploits0References4
Rows per page
Query Builder