Lucene search
+L

13626 matches found

Nuclei
Nuclei
added 8 hours ago152 views

Apache Superset < 4.0.2 - SQL Injection

An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new...

9.8CVSS5.5AI score0.04433EPSS
Exploits2References4
BDU FSTEC
BDU FSTEC
added yesterday30 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS7.2AI score0.00736EPSS
Exploits1References11Affected Software9
BDU FSTEC
BDU FSTEC
added yesterday37 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS7AI score0.00412EPSS
Exploits0References11Affected Software9
Github Security Blog
Github Security Blog
added yesterday7 views

AWS-JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance

Aurora PostgreSQL is a fully managed relational database engine that's compatible with PostgreSQL. The team has identified CVE-2026-11400, an issue in Aurora PostgreSQL using the AWS Advanced JDBC Wrapper Impact An issue in AWS Wrappers for Amazon Aurora PostgreSQL will allow for privilege...

8.6CVSS5.2AI score0.00305EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added yesterday44 views

EUVD-2026-34900

AWS-JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance...

8.6CVSS5.2AI score0.00305EPSS
Exploits0References5
NVD
NVD
added yesterday7 views

CVE-2026-9586

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS
Exploits0References2
Vulnrichment
Vulnrichment
added yesterday6 views

CVE-2026-9586 Unauthenticated SQL Injection Leading to Remote Code Execution in Switchvox SMB

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS6.7AI score
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-9586

CVE-2026-9586 describes an unauthenticated SQL injection in Sangoma Switchvox SMB Edition 8.3. The vulnerable component is the /pa endpoint, which processes XML beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries, enabling arbitrary SQL execution an...

9.3CVSS6.7AI score
Exploits0References2
Cvelist
Cvelist
added yesterday25 views

CVE-2026-9586 Unauthenticated SQL Injection Leading to Remote Code Execution in Switchvox SMB

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS
Exploits0References2
Nuclei
Nuclei
added yesterday17 views

Drupal Core - Anonymous SQL Injection via PostgreSQL Entity Query

Drupal core from 8.9.0 before 10.4.10, 10.5.0 before 10.5.10, 10.6.0 before 10.6.9, 11.0.0 before 11.1.10, 11.2.0 before 11.2.12, and 11.3.0 before 11.3.10 contains an SQL injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL...

9.8CVSS8AI score0.84631EPSS
Exploits14References2
NVD
NVD
added yesterday5 views

CVE-2026-62238

OpenRemote before 1.26.0 contain an authenticated SQL injection vulnerability in the datapoint crosstab export endpoint that constructs PostgreSQL queries by concatenating asset display names into raw SQL. An authenticated attacker with asset creation or rename permissions can inject SQL through...

7.2CVSS0.00211EPSS
Exploits0References2
EUVD
EUVD
added yesterday8 views

EUVD-2026-45084

OpenRemote before 1.26.0 contain an authenticated SQL injection vulnerability in the datapoint crosstab export endpoint that constructs PostgreSQL queries by concatenating asset display names into raw SQL. An authenticated attacker with asset creation or rename permissions can inject SQL through...

7.2CVSS6.1AI score0.00211EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-60810

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS6.6AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2 days ago6 views

github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability

A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service DoS or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation...

9.8CVSS6.2AI score0.00561EPSS
Exploits0References5
NVD
NVD
added 3 days ago7 views

CVE-2026-62361

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to 6.2.0, listmonk’s GET /api/subscribers/export endpoint injects the user-controlled query parameter into QuerySubscribersForExport in internal/core/subscribers.go without calling validateQueryTables, unlike GET...

5.5CVSS0.00239EPSS
Exploits0References3
NVD
NVD
added 3 days ago7 views

CVE-2026-52887

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filterlatestMsgReceiveTimestamp$lt value was inserted into a...

10CVSS0.00593EPSS
Exploits0References3
CVE
CVE
added 3 days ago8 views

CVE-2026-55410

NocoBase (with the @nocobase/plugin-backups) prior to version 2.1.19 is vulnerable. The backups restoration flow interpolates database.schema from _metadata.json into Node.js child_process.exec() shell commands, enabling a backup-management user to execute arbitrary commands with the NocoBase ser...

6.7CVSS6.2AI score0.0037EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-55410 NocoBase backup restore schema name allows command injection

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.1.19, NocoBase @nocobase/plugin-backups restored PostgreSQL backups by interpolating the database.schema value from metadata.json into shell command strings executed with...

6.7CVSS0.0037EPSS
Exploits0References3
CVE
CVE
added 3 days ago26 views

CVE-2026-52887

NocoBase before version 2.0.61 is affected by CVE-2026-52887 due to a SQL injection in the in-app notification plugin. The flaw occurs in GET /api/myInAppChannels:list where filter[latestMsgReceiveTimestamp][$lt] is interpolated into a Sequelize.literal() without escaping or parameter binding, en...

10CVSS6.2AI score0.00593EPSS
Exploits0References3
OSV
OSV
added 3 days ago3 views

CVE-2026-52887 NocoBase: SQL injection in /api/myInAppChannels:list filter to PG-superuser RCE

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filterlatestMsgReceiveTimestamp$lt value was inserted into a...

10CVSS6.2AI score0.00593EPSS
Exploits0References5
Rows per page
Query Builder