CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Snyk•added 2026/05/31 9:0 p.m.•4 views

Malicious Package

Overview @cloudplatform-single-spa/timescale-db is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

9.8CVSS5.9AI score

Exploits0References2

NVD•added 2026/03/10 6:18 p.m.•1 views

CVE-2026-30930

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, The TimescaleDB export module constructs SQL queries using string concatenation with unsanitized system monitoring data. The normalize method wraps string values in single quotes but does not escape embedded single...

9.8CVSS0.00034EPSS

Exploits1References3

OSV•added 2026/03/10 6:18 p.m.•3 views

UBUNTU-CVE-2026-30930

9.8CVSS5.9AI score0.00034EPSS

Exploits1References3

CVE•added 2026/03/10 4:16 p.m.•13 views

CVE-2026-30930

CVE-2026-30930 affects Glances prior to version 4.5.1. The TimescaleDB export module builds SQL queries by concatenating unsanitized system-monitoring data. The normalize() function wraps values in single quotes but does not escape embedded quotes, allowing SQL injection via attacker-controlled d...

9.8CVSS5.8AI score0.00034EPSS

Exploits1References3Affected Software1

EUVD•added 2026/03/06 5:6 p.m.•2 views

EUVD-2026-10048

TimescaleDB is a time-series database for high-performance real-time analytics packaged as a Postgres extension. From version 2.23.0 to 2.25.1, PostgreSQL uses the searchpath setting to locate unqualified database objects tables, functions, operators. If the searchpath includes user-writable...

8.8CVSS6.2AI score0.00025EPSS

Exploits0References4

ATTACKERKB•added 2026/03/06 5:6 p.m.•1 views

CVE-2026-29089

8.8CVSS6.2AI score0.00025EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/03/06 12:0 a.m.•4 views

PT-2026-23731

Name of the Vulnerable Software and Affected Versions TimescaleDB versions 2.23.0 through 2.25.1 Description TimescaleDB is a time-series database that functions as a Postgres extension. A flaw exists where PostgreSQL’s use of the search path setting can allow a malicious user to create functions...

8.8CVSS6AI score0.00025EPSS

Exploits0References7

CNNVD•added 2025/06/18 12:0 a.m.•1 views

pgai 信息泄露漏洞

pgai is a set of tools open-sourced by timescale to make it easier to develop RAG, semantic search, and other AI applications using PostgreSQL. An information disclosure vulnerability exists in pgai, which stems from a vulnerability that allows an attacker to steal all secrets in a workflow...

9.1CVSS6.1AI score0.00338EPSS

Exploits0References1

Talos•added 2024/01/08 12:0 a.m.•26 views

GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1819 GTKWave LXT2 numtimetableentries out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-34436 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 numtimetableentries functionality of GTKWave 3.3.115. A specially crafted .lxt2...

7.8CVSS7.8AI score0.00066EPSS

Exploits1

NVD•added 2023/02/14 2:15 p.m.•10 views

CVE-2023-25149

TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run wit...

8.8CVSS9.1AI score0.00381EPSS

Exploits0References3