Filter
-Infinity
0
Trending
Versions
8.4.1
25
7.4
24
7.4.3
24
8.0
23
7.4.1
22
7.4.2
22
7.4.5
22
8.0.1
22
8.4.2
22
8.4.3
22
11.0
21
12.0
21
7.4.6
21
7.4.7
21
8.0.2
21
13.0
20
7.4.4
20
8.1.1
19
8.3.6
19
9.1
19
8.3.1
18
8.3.2
18
8.3.3
18
8.3.4
18
8.3.5
18
8.3.7
18
8.4
18
10.0
17
8.0.3
17
8.0.4
17
8.0.5
17
8.1.2
17
8.3
17
9.0
17
7.2.1
16
9.1.1
16
9.1.2
16
14.0
15
7.4.10
15
7.4.11
15
8.0.6
15
8.2
15
8.3.8
15
8.4.4
15
9.0.1
15
9.0.2
15
9.0.3
15
9.0.4
15
9.0.5
15
9.0.6
15
CVE-2025-1094: PostgSQL: Quoting APIs miss neutralizing quoting syntax in text that fails encoding validation, enabling psql SQL injection
First published (updated )
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)
First published (updated )
Social
redditCVE-2025-1094: PostgSQL: Quoting APIs miss neutralizing quoting syntax in text that fails encoding validation, enabling psql SQL injection
First published (updated )
BleepingComputerPostgreSQL flaw exploited as zero-day in BeyondTrust breach
First published (updated )
News
BleepingComputerNever miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Versa Networks Versa DirectorThe Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is als…
10
First published (updated )
PostgSQL: 4 CVEs fixed in 17.1, 16.5, 15.9, 14.14, 13.17, 12.21
First published (updated )
PostgreSQL CommonIncomplete tracking in PostgreSQL of tables with row security allows a reused query to view or chang…
First published (updated )
PostgreSQL CommonIncorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database use…
7
First published (updated )
PostgreSQL CommonIncorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or ch…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PostgreSQL CommonPostgreSQL PL/Perl environment variable changes execute arbitrary code
8.8
First published (updated )
PostgreSQL CommonPostgreSQL libpq retains an error message from man-in-the-middle
3.7
First published (updated )
PostgreSQL CommonPostgreSQL row security below e.g. subqueries disregards user ID changes
5.4
First published (updated )
CVE-2024-7348: PostgSQL lation placement during pg_dump executes arbitrary SQL
First published (updated )
PostgreSQL CommonPostgreSQL relation replacement during pg_dump executes arbitrary SQL
8.8
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/postgresqlPostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks
4.3
EPSS
0.04%
First published (updated )
redhat/postgresqlPostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL
8
First published (updated )
Red Hat Enterprise Linux ServerPostgresql: role pg_signal_backend can signal certain superuser processes.
4.4
EPSS
0.12%
First published (updated )
Red Hat Enterprise Linux ServerPostgresql: buffer overrun from integer overflow in array modification
8.8
EPSS
1.16%
First published (updated )
Red Hat Enterprise Linux ServerPostgresql: memory disclosure in aggregate function calls
4.3
EPSS
0.18%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PostgreSQL CommonAn issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeate…
7.5
First published (updated )
Red Hat Enterprise LinuxPostgresql: merge fails to enforce update or select row security policies
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PostgreSQL CommonOdyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is configured…
5.9
First published (updated )
PostgreSQL CommonA vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary obj…
8
First published (updated )
gin-vue-adminSQL Injection in github.com/flipped-aurora/gin-vue-admin
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.