CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

VulnCheck KEV•added 2025/12/08 12:0 a.m.•5 views

VulnCheck KEV: CVE-2022-31197

PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contain...

8CVSS6AI score0.02462EPSS

In wildExploits1References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-6614

Malicious code in bioql PyPI...

8CVSS6.6AI score0.02462EPSS

Exploits1References14

OSV•added 2024/03/06 11:2 a.m.•35 views

BIT-POSTGRESQL-JDBC-DRIVER-2022-31197 SQL Injection in ResultSet.refreshRow() with malicious column names in pgjdbc

8CVSS7.7AI score0.02462EPSS

Exploits1References7

SUSE CVE•added 2023/02/15 3:25 a.m.•1 views

SUSE CVE-2022-31197

8.1CVSS7.9AI score0.02462EPSS

Exploits1References8

Tenable Nessus•added 2023/01/24 12:0 a.m.•31 views

Oracle Linux 9 : postgresql-jdbc (ELSA-2023-0318)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-0318 advisory. - fix for CVE-2022-31197 Tue Aug 10 2021 Mohan Boddu Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

8CVSS6.7AI score0.02462EPSS

Exploits1References2

OSV•added 2022/08/06 5:51 a.m.•2 views

GHSA-R38F-C4H4-HQQ2 PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names

Impact What kind of vulnerability is it? Who is impacted? The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contains a statement terminator, e.g. ;, could lead to SQL injection. This could lead to...

7.1CVSS7.1AI score0.02462EPSS

Exploits1References10