CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2025/10/28 6:59 a.m.•5 views

CVE-2025-61385

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

9.6CVSS8.7AI score0.00293EPSS

Exploits0References1

EUVD•added 2025/10/27 6:31 p.m.•6 views

EUVD-2025-36226

pg8000 SQL injection vulnerability via a specially crafted Python list input...

7.5AI score0.00293EPSS

Exploits0References3

Github Security Blog•added 2025/10/27 6:31 p.m.•8 views

pg8000 SQL injection vulnerability via a specially crafted Python list input

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

9.6CVSS8.7AI score0.00293EPSS

Exploits0References4Affected Software1

OSV•added 2025/10/27 6:31 p.m.•3 views

GHSA-WQ2G-R956-J8CC pg8000 SQL injection vulnerability via a specially crafted Python list input

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

9.3CVSS6.2AI score0.00293EPSS

Exploits0References4

NVD•added 2025/10/27 6:15 p.m.•7 views

CVE-2025-61385

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

9.6CVSS0.00293EPSS

Exploits0References2

CVE•added 2025/10/27 12:0 a.m.•48 views

CVE-2025-61385

CVE-2025-61385 affects pg8000 1.31.4. The SQL injection occurs via a specially crafted Python list input to pg8000.native.literal, enabling remote execution of arbitrary SQL. The CVSS 3.1 base score is 9.6 with Network attack vector, low complexity, no privileges, required user interaction, and i...

9.6CVSS8.2AI score0.00293EPSS

Exploits0References2

Cvelist•added 2025/10/27 12:0 a.m.•6 views

CVE-2025-61385

SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...

0.00293EPSS

Exploits0References2

CNNVD•added 2025/10/27 12:0 a.m.•4 views

pg8000 安全漏洞

pg8000 is a PostgreSQL database driver by tlocke individual developers. A security vulnerability exists in pg8000 version 1.31.4, which stems from not properly handling Python list input and could lead to an SQL injection attack...

9.6CVSS7.4AI score0.00293EPSS

Exploits0References2

Positive Technologies•added 2025/10/27 12:0 a.m.•3 views

PT-2025-44000

Name of the Vulnerable Software and Affected Versions pg8000 version 1.31.4 Description A SQL injection flaw exists in pg8000. This issue allows remote attackers to execute arbitrary SQL commands by providing a specially crafted Python list as input to the pg8000.native.literal function. The...

9.6CVSS8.1AI score0.00293EPSS

Exploits0References7