
13277 matches found

Positive Technologies
added 2024/03/08 12:0 a.m. · 4 views

PT-2024-2087 · Unknown · Postgresql Anonymizer

Name of the Vulnerable Software and Affected Versions: PostgreSQL Anonymizer version 1.2

Description: The issue is related to a SQL injection vulnerability in PostgreSQL Anonymizer. This vulnerability allows a user who owns a table to elevate their privileges to superuser when dynamic masking is...

CVSS 8 · AI score 8.4 · EPSS 0.00461
Exploits: 0 · References: 7

CNNVD
added 2024/03/08 12:0 a.m. · 2 views

PostgreSQL Anonymizer Security Vulnerability

PostgreSQL Anonymizer is an extension for masking or replacing personally identifiable information (PII) or commercially sensitive data in PostgreSQL databases. A security vulnerability exists in PostgreSQL Anonymizer version v1.2 that originates from allowing a user who owns a table to be promoted...

CVSS 8 · AI score 6.5 · EPSS 0.00461
Exploits: 0 · References: 2

CNNVD
added 2024/03/08 12:0 a.m. · 3 views

PostgreSQL Anonymizer Security Vulnerability

PostgreSQL Anonymizer is an extension for masking or replacing personally identifiable information (PII) or commercially sensitive data in PostgreSQL databases. A security vulnerability exists in PostgreSQL Anonymizer version v1.2 that originates from allowing a user who owns a table to be promoted...

CVSS 8.8 · AI score 6.5 · EPSS 0.00552
Exploits: 0 · References: 2

OpenVAS
added 2024/03/08 12:0 a.m. · 20 views

openSUSE: Security Advisory for postgresql (SUSE-SU-2024:0769-1)

The remote host is missing an update for the...

CVSS 10 · AI score 9.9 · EPSS 0.0481
Exploits: 0 · References: 2

OpenVAS
added 2024/03/08 12:0 a.m. · 20 views

Fedora: Security Advisory for postgresql-jdbc (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the...

CVSS 8.8 · AI score 9.2 · EPSS 0.02557
Exploits: 3 · References: 2

Fedora
added 2024/03/07 10:33 p.m. · 36 views

[SECURITY] Fedora 40 Update: postgresql-jdbc-42.7.1-4.fc40

PostgreSQL is an advanced Object-Relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database...

CVSS 8.8 · AI score 6.8 · EPSS 0.02557
Exploits: 3

RedhatCVE
added 2024/03/07 6:8 p.m. · 35 views

CVE-2024-27289

A flaw was found in pgx. SQL injection can occur when all of the following conditions are met in versions before 4.18.2 of pgx:

- The non-default simple protocol is used
- A placeholder for a numeric value must be immediately preceded by a minus
- There must be a second placeholder for a string...

CVSS 8.1 · AI score 8.2 · EPSS 0.00854
Exploits: 0 · References: 6

CNNVD
added 2024/03/07 12:0 a.m. · 3 views

pgAdmin Security Vulnerabilities

pgAdmin is an open source administration and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin version 4 that stems from not setting trusted base paths that should not be escaped...

CVSS 9.9 · AI score 6.8 · EPSS 0.79326
Exploits: 4 · References: 5

Tenable Nessus
added 2024/03/07 12:0 a.m. · 27 views

SUSE SLES12 Security Update : postgresql-jdbc (SUSE-SU-2024:0771-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0771-1 advisory. - pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the...

CVSS 10 · AI score 7.9 · EPSS 0.0481
Exploits: 0 · References: 4

OSV
added 2024/03/06 7:15 p.m. · 4 views

AZL-35763 CVE-2024-27289 affecting package telegraf for versions less than 1.29.4-4

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for ...

CVSS 8.1 · AI score 6.7 · EPSS 0.00854
Exploits: 0 · References: 1

NVD
added 2024/03/06 7:15 p.m. · 16 views

CVE-2024-27289

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for ...

CVSS 8.1 · AI score 8.4 · EPSS 0.00854
Exploits: 0 · References: 3

NVD
added 2024/03/06 7:15 p.m. · 23 views

CVE-2024-27304

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

CVSS 9.8 · AI score 9.9 · EPSS 0.01109
Exploits: 1 · References: 7

UbuntuCve
added 2024/03/06 7:15 p.m. · 70 views

CVE-2024-27304

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

CVSS 9.8 · AI score 7.2 · EPSS 0.01109
Exploits: 1 · References: 10

UbuntuCve
added 2024/03/06 7:15 p.m. · 20 views

CVE-2024-27289

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for ...

CVSS 8.1 · AI score 6.8 · EPSS 0.00854
Exploits: 0 · References: 4

Prion
added 2024/03/06 7:15 p.m. · 29 views

Sql injection

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for ...

CVSS 5.1 · AI score 8.3 · EPSS 0.00854
Exploits: 0 · References: 2

Prion
added 2024/03/06 7:15 p.m. · 24 views

Integer overflow

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

CVSS 7.5 · AI score 9.7 · EPSS 0.01109
Exploits: 1 · References: 6

OSV
added 2024/03/06 7:15 p.m. · 1 view

UBUNTU-CVE-2024-27289

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for ...

CVSS 8.1 · AI score 6.2 · EPSS 0.00854
Exploits: 0 · References: 5

OSV
added 2024/03/06 7:15 p.m. · 3 views

UBUNTU-CVE-2024-27304

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

CVSS 9.8 · AI score 7.2 · EPSS 0.01109
Exploits: 1 · References: 11

Vulnrichment
added 2024/03/06 7:7 p.m. · 45 views

CVE-2024-27304 pgx SQL Injection via Protocol Message Size Overflow

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

CVSS 9.8 · AI score 7.8 · EPSS 0.01109
Exploits: 1 · References: 7

Cvelist
added 2024/03/06 7:7 p.m. · 34 views

CVE-2024-27304 pgx SQL Injection via Protocol Message Size Overflow

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. T...

CVSS 9.8 · AI score 10 · EPSS 0.01109
Exploits: 1 · References: 7