CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13189 matches found

Snyk•added 2026/05/11 3:59 p.m.•2 views

Privilege Dropping / Lowering Errors

Overview Affected versions of this package are vulnerable to Privilege Dropping / Lowering Errors in the metrics exporter. An attacker can gain PostgreSQL superuser privileges and execute arbitrary OS commands as the postgres user inside the primary pod by exploiting the ability to plant shadow...

9.9CVSS6.7AI score0.00395EPSS

Exploits0References3

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1070e Security Update: postgresql (UTSA-2026-017752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017752 advisory. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject...

8.1CVSS7AI score0.01901EPSS

Exploits0References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1060e / 20.1070e Security Update: postgresql (UTSA-2026-017500)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017500 advisory. A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If...

7.6CVSS6.1AI score0.02658EPSS

Exploits0References4

Positive Technologies•added 2026/05/11 12:0 a.m.•10 views

PT-2026-39898

Name of the Vulnerable Software and Affected Versions Kysely versions prior to 0.28.16 Description Improper input handling in the JSON-path compiler allows attackers to access sensitive JSON data. The software fails to escape JSON-path metacharacters such as ., , , , , and ?, only doubling single...

7.5CVSS5.8AI score0.00362EPSS

Exploits0References7

Tenable Nessus•added 2026/05/11 12:0 a.m.•4 views

Unity Linux 20.1060e / 20.1070e Security Update: postgresql (UTSA-2026-017516)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017516 advisory. A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates...

8.1CVSS5.8AI score0.01574EPSS

Exploits0References4

CNNVD•added 2026/05/11 12:0 a.m.•7 views

pgAdmin SQL注入漏洞

pgAdmin is an open-source management and development platform for the open-source database PostgreSQL. Versions of pgAdmin prior to 4.9.15 had a SQL injection vulnerability. This vulnerability could allow authenticated users to inject arbitrary commands in the psql copy command, enabling executio...

8.8CVSS6.1AI score0.01444EPSS

Exploits0References1

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1060e / 20.1070e Security Update: postgresql (UTSA-2026-017503)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017503 advisory. A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to creat...

8.8CVSS6.1AI score0.4644EPSS

Exploits0References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•4 views

Unity Linux 20.1060e / 20.1070e Security Update: postgresql (UTSA-2026-017576)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017576 advisory. A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns...

4.3CVSS5.8AI score0.01466EPSS

Exploits0References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: postgresql (UTSA-2026-017787)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017787 advisory. A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. Tenable ha...

5.9CVSS5.8AI score0.01501EPSS

Exploits0References4

GithubExploit•added 2026/05/10 11:48 a.m.•78 views

Exploit for CVE-2025-1094

--- POC Khai thác lỗ hổng CVE-2025-1094: PostgreSQL psql SQL...

8.1CVSS5.9AI score0.89472EPSS

Exploits10

Microsoft CVE•added 2026/05/10 8:3 a.m.•6 views

pgx: SQL Injection via placeholder confusion with dollar quoted string literals

...

9.8CVSS5.8AI score0.00356EPSS

Exploits0

GithubExploit•added 2026/05/09 5:14 p.m.•113 views

Exploit for Improper Input Validation in Postgresql

CVE-2018-1058 — PostgreSQL Search Path Demonstration This rep...

8.8CVSS5.8AI score0.14142EPSS

Exploits1

Veracode•added 2026/05/09 5:40 a.m.•7 views

Authorization Bypass

CKAN is vulnerable to Authorization Bypass. The vulnerability is due to improper authorization enforcement in datastoresearchsql, allowing attackers to bypass access controls and retrieve data from private resources as well as PostgreSQL system information...

9.1CVSS5.8AI score0.00367EPSS

Exploits0References3Affected Software1

Veracode•added 2026/05/09 5:36 a.m.•7 views

SQL Injection

CKAN is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of input in datastoresearchsql, which allows an attacker to inject arbitrary SQL queries and gain access to private resources and PostgreSQL system information...

9.8CVSS6AI score0.01815EPSS

Exploits0References6Affected Software1

Tenable Nessus•added 2026/05/09 12:0 a.m.•4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-017347)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017347 advisory. A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification...

8.8CVSS6.5AI score0.04322EPSS

Exploits0References4

Tenable Nessus•added 2026/05/09 12:0 a.m.•4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-017348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017348 advisory. A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, an...

4.4CVSS5.8AI score0.02555EPSS

Exploits0References4

Tenable Nessus•added 2026/05/09 12:0 a.m.•5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-017349)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017349 advisory. A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls wit...

4.3CVSS5.8AI score0.02775EPSS

Exploits0References4

OSV•added 2026/05/08 5:16 p.m.•4 views

UBUNTU-CVE-2026-41889

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, SQL injection can occur when the non-default simple protocol is used, a dollar quoted string literal is used in the SQL query, that string literal contains text that would be would be interpreted as a placeholder outside of a...

9.8CVSS5.7AI score0.00356EPSS

Exploits0References5