13235 matches found
EUVD-2025-116507
Malicious code in ariel-postgres-ariel-proxima npm...
EUVD-2025-120155
Malicious code in yakutsk-postgres-tool-node-config npm...
Malicious code in koa-postgres-blaze-electron (npm)
Source: amazon-inspector 5b6cdae761bee4ee4e8ae8294fde8b8c4d62a37e14f8b704bf9fa3dee5d856c1. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-139595 Malicious code in ariel-postgres-ariel-proxima (npm)
Source: amazon-inspector 52581d417bf9190a23944e8bbf136ab50f5700f8a2f7caf39cf0c15bc94043ff. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-12967
An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to the rds_superuser role. A low-privilege authenticated user can create a crafted function that could be executed with the permissions of other Amazon Relational Database Service (RDS) users. We recommend customers...
CVE-2025-12967
An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow privilege escalation to the rds_superuser role via a crafted function executed by a low-privileged authenticated user. Affected wrappers include AWS JDBC Wrapper, AWS Go Wrapper, AWS NodeJS Wrapper, AWS Python Wrapper, and AWS PGSQL ...
Npgsql security vulnerability
Npgsql is an open source .NET data provider for PostgreSQL. A security vulnerability exists in Npgsql, which stems from the ability of a low-privileged user to create specially crafted functions that may result in elevated privileges...
PT-2025-46181
Name of the Vulnerable Software and Affected Versions: AWS JDBC Wrapper versions prior to 2.6.5; AWS Go Wrapper versions prior to 2025-10-17; AWS NodeJS Wrapper versions prior to 2.0.1; AWS Python Wrapper versions prior to 1.4.0; AWS PGSQL ODBC driver versions prior to 1.0.1. Description: An issue in AW...
Django: Potential SQL Injection when annotating FilteredRelation on PostgreSQL
A potential SQL injection vulnerability was discovered in Django's annotation of FilteredRelation on PostgreSQL. The vulnerability was caused by an incomplete regular expression filter in FORBIDDEN_ALIAS_PATTERN. This allowed user input to be interpreted as raw strings, potentially enabling the...
Security Bulletin: IBM Cognos Analytics Certified Containers is affected by security vulnerabilities
Summary: IBM Cognos Analytics Certified Containers is affected by vulnerabilities in the PostgreSQL JDBC Driver. Additionally, IBM Cognos Certified Containers is affected by an Information Disclosure vulnerability. Vulnerability Details: CVEID: CVE-2022-31197. DESCRIPTION: PostgreSQL JDBC Driver...
database/sql: Postgres Scan Race Condition
A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...
CLSA-2025-1762243790 postgresql-jdbc: Fix of CVE-2024-1597
update to 42.2.28 - CVE-2024-1597: fix SQL injection in PostgreSQL JDBC simple query mode...
CVE-2025-60785
A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via a crafted HTML page...
CVE-2025-60785
The incident affects iceScrum v7.54 Pro On-prem, specifically the Postgres Drivers component. A remote code execution (RCE) vulnerability exists that allows an attacker to run arbitrary code by presenting a crafted HTML page. The publicly documented impact is high (CVE-2025-60785) with the abilit...
Astra Linux – Vulnerability in PostgreSQL-15
The vulnerability of the SECURITY DEFINER function in a relational database management system like PostgreSQL is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...