set_user Extension Module up to 2.x on PostgreSQL set_config Privilege Escalation
A vulnerability classified as problematic was found in set_user Extension Module up to 2.x on PostgreSQL. Upgrading to version 3.0.0
PostgreSQL up to 9.6.21/10.16/11.11/12.6/13.2 CONFLICT information disclosure
A vulnerability classified as problematic was found in PostgreSQL up to 9.6.21/10.16/11.11/12.6/13.2 (Database Software). Affected by this vulnerability is an
PostgreSQL up to 11.11/12.6/13.2 UPDATE information disclosure
A vulnerability, which was classified as problematic, has been found in PostgreSQL up to 11.11/12.6/13.2 (Database Software). Affected by this
PostgreSQL up to 11.12/12.7/13.3 Query information disclosure
A vulnerability, which was classified as problematic, was found in PostgreSQL up to 11.12/12.7/13.3 (Database Software). This affects some unknown
set_user Extension Module up to 2.0.0 on PostgreSQL improper authorization
A vulnerability was found in set_user Extension Module up to 2.0.0 on PostgreSQL. It has been rated as critical. Affected
PostgreSQL security flaws
Overview : Multiple flaws was discovered in postgresql Affected Product(s) : postgresql 9.4 – 11 postgresql 11.x before 11.5 Vulnerability
Potential SQL injection in PostgreSQL Zend\Db adapter
Overview : Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter. Affected Product(s)
CVE-2024-39309 : PARSE-COMMUNITY PARSE-SERVER UP TO 6.5.6/7.1.0 SQL INJECTION
Description Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A
unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
Overview : An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by
cPanel before 84.0.20 allows a demo account to achieve remote code execution
Overview : cPanel before 84.0.20 allows a demo account to achieve remote code execution via a cpsrvd rsync shell (SEC-544).
cPanel before 82.0.18 Account bypass vulnerability
Overview : cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508). Affected