312 matches found
CLSA-2026-1775033648 postgresql-jdbc: Fix of CVE-2022-21724
CVE-2022-21724: ensure arbitrary classes can't be passed instead of SocketFactory, SSLSocketFactory, CallbackHandler, HostnameVerifier - Restore testing from previous spec versions, exclude broken tests...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to vulnerable PostgreSQL JDBC connection parameters not being blocked by default. An attacker can exploit this vulnerability by injecting dangerous JDBC parameters such as socketFactory, sslfactory,...
Atlassian Confluence 9.2.8 < 9.2.11 (CONFSERVER-101842)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101842 advisory. - pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding...
MiracleLinux 9 : postgresql-jdbc-42.2.28-1.el9_3 (AXSA:2024-7626:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7626:01 advisory. PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE CVE-2024-1597 Tenable has extracted the preceding description block...
MiracleLinux 4 : postgresql-jdbc-8.4.704-4.AXS4 (AXSA:2020-253:02)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-253:02 advisory. postgresql-jdbc: XML external entity XXE vulnerability in PgSQLXML CVE-2020-13692 This update introduces a backwards incompatible change required to resolve...
MiracleLinux 7 : postgresql-jdbc-9.2.1002-8.el7 (AXSA:2020-252:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-252:01 advisory. postgresql-jdbc: XML external entity XXE vulnerability in PgSQLXML CVE-2020-13692 This update introduces a backwards incompatible change required to resolve...
MiracleLinux 8 : postgresql-jdbc-42.2.14-3.el8_9 (AXSA:2024-7627:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7627:02 advisory. PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE CVE-2024-1597 Tenable has extracted the preceding description block...
MiracleLinux 8 : postgresql-jdbc-42.2.14-2.el8 (AXSA:2023-5995:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5995:03 advisory. postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions CVE-2022-41946 Tenable has extracted the preceding...
MiracleLinux 9 : postgresql-jdbc-42.2.27-1.el9 (AXSA:2023-5766:02)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5766:02 advisory. postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions CVE-2022-41946 Tenable has extracted the preceding...
MiracleLinux 8 : postgresql-jdbc-42.2.3-3.el8 (AXSA:2020-847:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-847:03 advisory. postgresql-jdbc: XML external entity XXE vulnerability in PgSQLXML CVE-2020-13692 Tenable has extracted the preceding description block directly from the...
MITM (Man-in-the-Middle) org.postgresql:postgresql Dependency in Confluence Data Center and Server
This High severity MITM Man-in-the-Middle vulnerability was introduced in versions 9.2.8 of Confluence Data Center and Server. This MITM Man-in-the-Middle vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N allows an unauthenticated attacker t...
VulnCheck KEV: CVE-2022-31197
PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contain...
CLSA-2025-1762243790 postgresql-jdbc: Fix of CVE-2024-1597
update to 42.2.28 - CVE-2024-1597: fix SQL injection in PostgreSQL JDBC simple query mode...
EUVD-2018-0508
Malware in sbrugna...
EUVD-2025-19595
Malicious code in bioql PyPI...
EUVD-2022-0911
Malicious code in bioql PyPI...
EUVD-2022-6614
Malicious code in bioql PyPI...
EUVD-2024-42262
Malicious code in bioql PyPI...
EUVD-2022-1192
Malicious code in bioql PyPI...
EUVD-2022-4105
Malicious code in bioql PyPI...