1136 matches found
EUVD-2023-43938
Malicious code in bioql PyPI...
EUVD-2024-44157
Malicious code in bioql PyPI...
CVE-2025-34227
Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...
CVE-2025-34227
Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...
pgjdbc: pgjdbc insecure authentication in channel binding
A connection handling flaw was found in the pgjdbc connection driver in configurations that require channel binding. Connections created with authentication methods that should not allow channel binding permit connections to use channel binding. This flaw allows attackers to position themselves i...
ROS-20250912-03
Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via improper handling of user-supplied input in the SelectSQL process and other query construction logic. An attacker can execute arbitrary SQL commands on the underlying database by supplying crafted values in HTTP reques...
pREST has a Systemic SQL Injection Vulnerability
Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that...
GHSA-P46V-F2X8-QP98 pREST has a Systemic SQL Injection Vulnerability
Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via improper handling of user-supplied input in the SelectSQL process and other query construction logic. An attacker can execute arbitrary SQL commands on the underlying database by supplying crafted values in HTTP reques...
PT-2025-36628
Summary pREST provides a simple way for users to expose access their database via a REST-full API. The project is implemented using the Go programming language and is designed to expose access to Postgres database tables. During an independent review of the project, Doyensec engineers found that...
Malicious code in elara-postgres-auth-rigel (npm)
The package elara-postgres-auth-rigel was found to contain malicious code...
MAL-2025-45033 Malicious code in lint-gulp-prompts-postgres (npm)
The package lint-gulp-prompts-postgres was found to contain malicious code...
MAL-2025-44116 Malicious code in elara-postgres-auth-rigel (npm)
The package elara-postgres-auth-rigel was found to contain malicious code...
MAL-2025-45580 Malicious code in postgres-stratosphere-draco-wolf (npm)
The package postgres-stratosphere-draco-wolf was found to contain malicious code...
MAL-2025-46173 Malicious code in supernova-indus-postgres-augmentedreality (npm)
The package supernova-indus-postgres-augmentedreality was found to contain malicious code...
MAL-2025-45579 Malicious code in postgres-futurology-standard-postcss (npm)
The package postgres-futurology-standard-postcss was found to contain malicious code...
Malicious code in lint-gulp-prompts-postgres (npm)
The package lint-gulp-prompts-postgres was found to contain malicious code...
Malicious code in postgres-futurology-standard-postcss (npm)
The package postgres-futurology-standard-postcss was found to contain malicious code...
Malicious code in zenith-virtualreality-postgres-hydrogeology (npm)
The package zenith-virtualreality-postgres-hydrogeology was found to contain malicious code...