Lucene search
K

15 matches found

OSV
OSV
added 4 days ago6 views

PYSEC-2026-454 pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS6.5AI score0.12217EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.8 views

pgAdmin < 9.12 Command Execution (GHSA-3p7x-94q9-jq9x)

The version of pgAdmin installed on the remote host is prior to 9.12. It is, therefore, affected by command execution vulnerability: - pgAdmin versions prior to 9.12 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performin...

7.4CVSS5.9AI score0.00392EPSS
Exploits0References3
OSV
OSV
added 2026/02/05 6:30 p.m.3 views

GHSA-3P7X-94Q9-JQ9X pgadmin4 affected by a Restore restriction bypass via key disclosure vulnerability

pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract t...

7.4CVSS5.8AI score0.00392EPSS
Exploits0References4
NVD
NVD
added 2026/02/05 6:16 p.m.16 views

CVE-2026-1707

pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract t...

7.4CVSS0.00392EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/05 5:30 p.m.5 views

EUVD-2026-5528

pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract t...

7.4CVSS5.8AI score0.00392EPSS
Exploits0References1
NVD
NVD
added 2025/12/11 7:15 p.m.8 views

CVE-2025-13780

pgAdmin versions up to 9.10 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS0.00851EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/11 6:30 p.m.19 views

CVE-2025-13780 Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode (pgAdmin 4)

pgAdmin versions up to 9.10 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS0.00851EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.9 views

PT-2025-50670

Name of the Vulnerable Software and Affected Versions pgAdmin versions up to 9.10 Description pgAdmin versions up to 9.10 are susceptible to a Remote Code Execution RCE issue when running in server mode and restoring from PLAIN-format dump files. This flaw allows attackers to inject and execute...

9.1CVSS6.8AI score0.00851EPSS
Exploits1References47
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

pgAdmin 安全漏洞

pgAdmin is pgAdmin open source an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin 9.10 and earlier versions, which originates in server mode when restoring a PLAIN format dump file could lead to remote code...

9.1CVSS7.6AI score0.00851EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2025/11/14 12:33 a.m.1 views

SUSE CVE-2025-12762

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS7.8AI score0.12217EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2025/11/13 3:30 p.m.6 views

pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.8CVSS7.8AI score0.12217EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/11/13 3:30 p.m.5 views

EUVD-2025-169296

pgAdmin4 vulnerable to Remote Code Execution RCE when running in server mode...

9.1CVSS6.8AI score0.12217EPSS
Exploits1References3
OSV
OSV
added 2025/11/13 3:30 p.m.2 views

GHSA-W2P4-P4RH-QCM3 pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS7.7AI score0.12217EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.5 views

PT-2025-46819

Name of the Vulnerable Software and Affected Versions pgAdmin versions up to 9.9 Description pgAdmin is susceptible to a Remote Code Execution RCE issue that arises when operating in server mode and restoring from PLAIN-format dump files. This flaw allows attackers to inject and execute arbitrary...

9.8CVSS6.4AI score0.12217EPSS
Exploits1References51
Snyk
Snyk
added 2025/08/14 1:0 p.m.2 views

Inclusion of Functionality from Untrusted Control Sphere

Overview Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere when restoring from a plain-text dump file. An attacker can embed malicious psql meta-commands into dump files generated by pgdump --format=plain, pgdumpall, or pgrestore --file...

8.8CVSS7.7AI score0.00709EPSS
Exploits1References2
Rows per page
Query Builder