9 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2010-3760

Malware in sbrugna...

CVSS 6, AI score 6.4, EPSS 0.01124
Exploits 0, References 4

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2007-2133

Malware in sbrugna...

CVSS 6, AI score 7.4, EPSS 0.01654
Exploits 0, References 38

Tenable Nessus
added 2025/08/20 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-10208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitra...

CVSS 8.8, AI score 7.8, EPSS 0.00197
Exploits 0, References 2

OpenVAS
added 2020/11/11 12:00 a.m., 8 views

openGauss: Controlling the Permission to Execute the SECURITY DEFINER Function

Because the SECURITY DEFINER function is executed with the privileges of the user that created it, ensure that this function is not misused. For security purposes, set search_path to exclude any schemas writable by untrusted users. This prevents malicious users from creating objects that mask...

AI score 7.4
Exploits 0, References 1

RedhatCVE
added 2019/08/08 6:52 p.m., 42 views

CVE-2019-10208

A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. Mitigation: If your use case requires SECURITY DEFINER...

CVSS 8.8, AI score 2.7, EPSS 0.00197
Exploits 0, References 4

Check Point Advisories
added 2014/03/17 12:00 a.m., 4 views

PostgreSQL Database SET ROLE Security Bypass (CVE-2014-0060)

A policy bypass vulnerability has been found in PostgreSQL database server. The vulnerability is due to a design weakness when granting a role without ADMIN OPTION. A remote attacker can exploit the vulnerability to cause a policy bypass allowing execution of a security-restricted operation or a...

AI score 7, EPSS 0.00545
Exploits 2

Cvelist
added 2010/10/06 4:00 p.m., 22 views

CVE-2010-3433

The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allow...

AI score 7.2, EPSS 0.01661
Exploits 0, References 19

Tenable Nessus
added 2007/04/30 12:00 a.m., 20 views

Mandrake Linux Security Advisory : postgresql (MDKSA-2007:094)

A weakness in previous versions of PostgreSQL was found in the security definer functions in which an authenticated but otherwise unprivileged SQL user could use temporary objects to execute arbitrary code with the privileges of the security-definer function. IMPORTANT NOTICE FOR CORPORATE...

CVSS 6, AI score 7.3, EPSS 0.01654
Exploits 0, References 1

PostgreSQL
added 2007/04/24 8:00 p.m., 71 views

Vulnerability in core server (CVE-2007-2138)

A vulnerability involving insecure search_path settings allows unprivileged users to gain the SQL privileges of the owner of any SECURITY DEFINER function they are allowed to call. Securing such a function requires both a software update and changes to the function definition...

CVSS 6, AI score 8.8, EPSS 0.01654
Exploits 0, Affected Software 1