Security
Headlines

Headlines Latest CVEs

Headline

GHSA-vf99-xw26-86g5: PgHero Allows Information Disclosure Through EXPLAIN Feature

PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. (Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server.)

2 years ago

PgHero Allows Information Disclosure Through EXPLAIN Feature

Moderate severity GitHub Reviewed Published Jan 5, 2023 • Updated Jan 9, 2023

Related news

CVE-2023-22626: Information Disclosure Through EXPLAIN Feature · Issue #439 · ankane/pghero

PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. (Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server.)

2 years ago

ghsa: Latest News

GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

23 hours ago

GHSA-3q26-f695-pp76: @cyanheads/git-mcp-server vulnerable to command injection in several tools

1 day ago

GHSA-6r2x-8pq8-9489: Electron vulnerable to Heap Buffer Overflow in NativeImage

1 day ago

GHSA-v8fr-vxmw-6mf6: Mattermost Incorrect Authorization vulnerability

1 day ago

GHSA-wgvp-jj4w-88hf: Mattermost Incorrect Authorization vulnerability

1 day ago