SUSE-SU-2025:03625-1 Security update for pgadmin4

This update for pgadmin4 fixes the following issues: - CVE-2025-9636: Fixed cross-origin opener policy COOP vulnerability bsc1249151...

Fedora: Security Advisory (FEDORA-2025-3c80b660e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2017-11067

Malware in sbrugna...

Exploit for CVE-2025-2945

pgAdmin4 Query Tool Authenticated RCE PoC Standalone python s...

Fedora: Security Advisory (FEDORA-2025-49d6f62c0e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-4944ad2c87)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-20052

A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

GHSA-4GRG-W6V8-C28G vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app, airflow, pgadmin4, nemo, airflow-core, mlflow, kubeflow-jupyter-web-app, emissary...

CVE-2025-47278 vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app, airflow, pgadmin4, nemo, airflow-core, mlflow, kubeflow-jupyter-web-app, emissary...

CVE-2025-43859 vulnerabilities

Vulnerabilities for packages: mitmproxy, jupyter-base-notebook, checkov, reflex, airflow, pgadmin4, py3.10-vllm-cuda-11.8, nemo, kubeflow-pipelines-visualization-server, kserve, localstack...

GHSA-VQFR-H8MV-GHFJ vulnerabilities

Vulnerabilities for packages: mitmproxy, jupyter-base-notebook, checkov, reflex, airflow, pgadmin4, py3.10-vllm-cuda-11.8, nemo, kubeflow-pipelines-visualization-server, kserve, localstack...

SUSE SLED15 / SLES15 Security Update : pgadmin4 (SUSE-SU-2025:1326-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1326-1 advisory. - CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is...

SUSE-SU-2025:1326-1 Security update for pgadmin4

This update for pgadmin4 fixes the following issues: - CVE-2025-27152: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set bsc1239308 - CVE-2023-1907: Fixed an issue which could result in users being authenticated in another user's session if two users...

openSUSE Security Advisory (SUSE-SU-2025:1227-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross-Site Scripting (XSS)

pgadmin4 is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to lack of input/output encoding when rendering query results, which allows an attacker to execute arbitrary HTML or JavaScript in the victim's browser...

Remote Code Execution (RCE)

pgAdmin4 is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe use of Python's eval function due to unsanitized input in the querycommitted and highavailability parameters on two POST endpoints...

Security update for pgadmin4

This update for pgadmin4 fixes the following issues: CVE-2025-27152: axios: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set bsc1239308 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2025:1227-1 Security update for pgadmin4

This update for pgadmin4 fixes the following issues: - CVE-2025-27152: axios: Fixed SSRF and creadential leakage due to requests sent to absolute URL even when baseURL is set bsc1239308...

pgadmin4-9.2-1.1 on GA media (moderate)

pgadmin4-9.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:14983-1 Rating: moderate Cross-References: CVE-2024-6238 CVE-2024-9014 CVE-2025-2945 CVE-2025-2946 CVSS scores: CVE-2024-6238 SUSE : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-9014 SUSE : 8...

OPENSUSE-SU-2025:14983-1 pgadmin4-9.2-1.1 on GA media

These are all security issues fixed in the pgadmin4-9.2-1.1 package on the GA media of openSUSE Tumbleweed...