22 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in postgresql-11

Inclusion of untrusted data in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for execution during dump restoration, as the client operating system account running psql restores the dump using psql meta-commands. pg_dumpall is also affected. pg_resto...

CVSS 8.8 | AI score 7.3 | EPSS 0.00048
Exploits: 1 | References: 2

F5 Networks
added 2026/02/27 1:10 a.m. | 6 views

K000160172: PostgreSQL vulnerability CVE-2025-8714

Security Advisory Description: Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also...

CVSS 8.8 | AI score 6.1 | EPSS 0.00048
Exploits: 1

Tenable Nessus
added 2025/09/08 12:0 a.m. | 5 views

Alibaba Cloud Linux 3 : 0150: postgresql:13 (ALINUX3-SA-2025:0150)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0150 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-8714: Untrusted data inclusion in...

CVSS 8.8 | AI score 7.7 | EPSS 0.04372
Exploits: 2 | References: 3

Amazon
added 2025/09/04 12:0 a.m. | 2 views

Important: postgresql

Issue Overview: PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available ...

CVSS 8.8 | AI score 8.2 | EPSS 0.04372
Exploits: 2

RedHat Linux
added 2025/09/02 11:0 a.m. | 3 views

postgresql: PostgreSQL code execution in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pg_dump, pg_dumpall, and pg_restore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...

CVSS 8.8 | AI score 7.8 | EPSS 0.00048
Exploits: 1 | References: 5

Tenable Nessus
added 2025/08/31 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-8714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the...

CVSS 8.8 | AI score 7.4 | EPSS 0.00048
Exploits: 1 | References: 2

SUSE CVE
added 2025/08/14 11:29 p.m. | 1 view

SUSE CVE-2025-8714

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

CVSS 8.8 | AI score 7.5 | EPSS 0.00048
Exploits: 1 | References: 29

SUSE CVE
added 2025/08/14 11:29 p.m. | 1 view

SUSE CVE-2025-8715

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

CVSS 8.8 | AI score 8.5 | EPSS 0.00085
Exploits: 1 | References: 28

OSV
added 2025/08/14 1:15 p.m. | 2 views

CVE-2025-8714

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

CVSS 8.8 | AI score 7.6 | EPSS 0.00048
Exploits: 1 | References: 1

OSV
added 2025/08/14 1:15 p.m. | 2 views

DEBIAN-CVE-2025-8715

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

CVSS 8.8 | AI score 7.2 | EPSS 0.00085
Exploits: 1 | References: 1

OSV
added 2025/08/14 1:15 p.m. | 1 view

ALPINE-CVE-2025-8715

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

CVSS 8.8 | AI score 8.5 | EPSS 0.00085
Exploits: 1 | References: 1

OSV
added 2025/08/14 1:15 p.m. | 1 view

ALPINE-CVE-2025-8714

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

CVSS 8.8 | AI score 7.5 | EPSS 0.00048
Exploits: 1 | References: 1

OSV
added 2025/08/14 1:15 p.m. | 1 view

AZL-66303 CVE-2025-8714 affecting package postgresql for versions less than 16.10-1

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

CVSS 8.8 | AI score 7.6 | EPSS 0.00048
Exploits: 1 | References: 1

Vulnrichment
added 2025/08/14 1:0 p.m. | 2 views

CVE-2025-8714 PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

CVSS 8.8 | AI score 7.6 | EPSS 0.00048
Exploits: 1 | References: 1

Cvelist
added 2025/08/14 1:0 p.m. | 6 views

CVE-2025-8714 PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

CVSS 8.8 | EPSS 0.00048
Exploits: 1 | References: 1

AlpineLinux
added 2025/08/14 1:0 p.m. | 2 views

CVE-2025-8714

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected...

CVSS 8.8 | AI score 7.8 | EPSS 0.00048
Exploits: 1

AlpineLinux
added 2025/08/14 1:0 p.m. | 2 views

CVE-2025-8715

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

CVSS 8.8 | AI score 8.7 | EPSS 0.00085
Exploits: 1

Cvelist
added 2025/08/14 1:0 p.m. | 9 views

CVE-2025-8715 PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...

CVSS 8.8 | EPSS 0.00085
Exploits: 1 | References: 1

RedHat Linux
added 2018/08/27 8:35 a.m. | 0 views

postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask

This release of CloudForms corrects an issue invoked when running pg_upgrade by which attackers could read or modify the output of pg_dumpall -g in the current working directory. With this release, any attack is rendered infeasible as the directory mode blocks an intruder from searching the current...

CVSS 7 | AI score 7.3 | EPSS 0.00088
Exploits: 0 | References: 5

CVE
added 2018/02/09 2:0 p.m. | 241 views

CVE-2018-1053

PostgreSQL CVE-2018-1053 affects 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2. pg_upgrade creates a file in the current working directory containing the output of pg_dumpall -g, under the umask in effect when pg_upgrade was invoked, not un...

CVSS 7 | AI score 6.5 | EPSS 0.00088
Exploits: 0 | References: 7 | Affected Software: 1