pgAdmin Security Vulnerability
pgAdmin is an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin 9.10 and earlier versions: in server mode, restoring a PLAIN format dump file could lead to remote code...
SUSE CVE-2025-12764
pgAdmin <= 9.9 is affected by an LDAP injection vulnerability in the LDAP authentication flow that allows an attacker to inject special LDAP characters in the username, causing the DC/LDAP server and the client to process an unusual amount of data (DoS)...
CVE-2025-12765
pgAdmin <= 9.9 is affected by a vulnerability in the LDAP authentication mechanism that allows bypassing TLS certificate verification...
pgAdmin Security Vulnerability
pgAdmin is an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin 9.9 and earlier versions, which stems from TLS certificate validation in the LDAP authentication mechanism that can be bypassed...
EUVD-2024-1364
Malicious code in bioql PyPI...
EUVD-2025-0015
Malicious code in bioql PyPI...
EUVD-2024-1871
Malicious code in bioql PyPI...
Exploit for CVE-2025-2945
CVE-2025-2945 PoC: pgAdmin Proof of Concept, pgAdmin Query To...
Fedora 41 : pgadmin4 (2025-49d6f62c0e)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-49d6f62c0e advisory. Update to pgadmin-9.2. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
ROS-20250417-02
A vulnerability in the /settings/store API endpoint of the pgAdmin database management tool is related to a failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow a remote attacker to perform a cross-site scripting attack. Server mode...
pgAdmin Query Tool authenticated RCE (CVE-2025-2945)
This module exploits a vulnerability in pgAdmin where an authenticated user can establish a connection to the query tool and send a specific payload in the `query_commited` POST parameter. This payload is directly executed via a Python eval statement, resulting in remote code execution in versions...
GHSA-2RRX-PPHC-QFV9 pgAdmin 4 Vulnerable to Cross-Site Scripting (XSS) via Query Result Rendering
pgAdmin <= 9.1 is affected by a security vulnerability with Cross-Site Scripting (XSS). If attackers execute any arbitrary HTML/JavaScript in a user's browser through query result rendering, then HTML/JavaScript runs on the browser...
CVE-2025-2946
CVE-2025-2946 is a Cross‑Site Scripting (XSS) vulnerability in pgAdmin 4 where arbitrary HTML/JavaScript can execute in a user’s browser via query result rendering. Affected version: pgAdmin
pgAdmin Security Vulnerability
pgAdmin is an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin 4 versions prior to 9.2 that stems from insecurely passing parameters to the eval function, which could lead to remote code executi...
PT-2025-14614 · Pgadmin · Pgadmin
Name of the Vulnerable Software and Affected Versions: pgAdmin versions 9.1 and earlier. Description: The issue allows attackers to execute Cross-Site Scripting (XSS) attacks via query result rendering, enabling them to run arbitrary HTML/JavaScript in a user's browser. This occurs when an attacker...
Race Condition
pgAdmin is vulnerable to a race condition. The vulnerability is due to improper session handling in server mode with LDAP authentication, where simultaneous login attempts can result in users being attached to another user's session...
CVE-2023-1907
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...
CVE-2023-1907 Pgadmin: users authenticated simultaneously via ldap may be attached to the wrong session
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...