High
CVSS: 7.4
pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web int…
Critical
CVSS: 9.1
pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrar…
High
CVSS: 7.5
pgAdmin
High
CVSS: 7.5
pgAdmin
Medium
CVSS: 6.8
pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True during backup and restore operations, enabling attackers to execute arbitrary system commands b…
Critical
CVSS: 9.1
pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary…
High
CVSS: 7.9
pgAdmin
Critical
CVSS: 9.1
pgAdmin
Critical
CVSS: 9.9
Remote Code Execution security vulnerability in pgAdmin 4 (Query Tool and Cloud Deployment modules).
The vulnerability is associated with the 2 POST endpoints; /sqleditor/query_tool/download, where the query_commited parameter and /cloud/…
High
CVSS: 8.0
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously.
Medium
CVSS: 5.5
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, lea…