Lucene search
+L

9 matches found

RedHat Linux
RedHat Linux
added 2025/09/02 6:54 a.m.7 views

postgresql: PostgreSQL code execution in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...

8.8CVSS7.8AI score0.00736EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/09/02 5:7 a.m.6 views

postgresql: PostgreSQL code execution in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...

8.8CVSS7.8AI score0.00736EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

SUSE SLES15: postgresql15 / postgresql15-contrib / postgresql15-devel / etc (SUSE-SU-2025:03030-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03030-1 advisory. Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc124812...

8.8CVSS7.4AI score0.00736EPSS
Exploits1References10
OSV
OSV
added 2025/08/29 8:32 a.m.2 views

SUSE-SU-2025:03020-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table bsc1248120. - CVE-2025-8714: untrusted data inclusion in pgdump lets superuser of origin server execute arbitrary code ...

8.8CVSS7.8AI score0.00736EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2025/08/28 10:24 a.m.6 views

postgresql: PostgreSQL code execution in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pgdump, pgdumpall, and pgrestore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to...

8.8CVSS7.8AI score0.00736EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/08/28 12:0 a.m.4 views

SUSE SLES15: libecpg6 / libpq5 / libpq5-32bit / postgresql17 / etc (SUSE-SU-2025:02995-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02995-1 advisory. Updated to 17.6: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc12481...

8.8CVSS7.7AI score0.00736EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

SUSE SLES12 Security Update : postgresql17 (SUSE-SU-2025:02987-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02987-1 advisory. Updated to 17.6: CVE-2025-8713: Fixed optimizer statistics exposing sampled data within a view, partition, or child table bsc1248120...

8.8CVSS8.6AI score0.00736EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

PostgreSQL 13.x < 13.22 / 14.x < 14.19 / 15.x < 15.14 / 16.x < 16.10 / 17.x < 17.6 Multiple Vulnerabilities

The version of PostgreSQL installed on the remote host is 13 prior to 13.22, 14 prior to 14.19, 15 prior to 15.14, 16 prior to 16.10, or 17 prior to 17.6. As such, it is potentially affected by multiple vulnerabilities : - Improper neutralization of newlines in pgdump in PostgreSQL allows a user ...

8.8CVSS7.5AI score0.0257EPSS
Exploits2References4
CVE
CVE
added 2025/08/14 1:0 p.m.134 views

CVE-2025-8714

CVE-2025-8714 affects PostgreSQL (and variants in related advisories) via Untrusted data inclusion in pg_dump, pg_dumpall, and pg_restore, allowing a malicious superuser to inject code during restore as the client OS account running psql. The issue arises from processing psql meta-commands in dum...

8.8CVSS7.6AI score0.00736EPSS
Exploits1References1
Rows per page
Query Builder