Odin HomeODIN logoODIN logo

Products

Cyble Vision
Cyber threat intelligence platform
Cyble Hawk
Threat detection and intelligence capabilities built for federal bodies
AmIBreached
Identify, Prioritize and Mitigate darkweb risks
The Cyber Express
Cyber Security News and Magazine

Search

HostsExposed BucketsExposed Files

Resources

API DocumentationPlatform GuideODIN CLIPostmanSDKs
GoPythonJavaScript

Contact Us

[email protected]

Legal

Terms of ServiceSecurity Disclosure PolicyPrivacy Policy
Leading Threat Intelligence Company
LinkedInTwitter XYoutube
ODIN logoODIN logo
LinkedInGithubMediumTwitter XYoutube
Launch YC: Odin - Attack surface monitoring and internet scanning for everyone
Made with ❤️ from Cupertino

© 2026 Cyble Inc. All Rights Reserved.

72.240.67.226

SummaryCVE DetailsRaw Data
09 Jan 2026, 01:36:59 UTC
CVE-2019-9193
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in PostgreSQL, a superuser can execute commands as the server user without using the ‘COPY FROM PROGRAM’.
Services

5432/postgresql

7.2
CVE-2021-3393
An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.
Services

5432/postgresql

4.3
CVE-2023-24038
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Services

22/ssh

8.5
CVE-2023-24038
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Services

22/ssh

8.5
CVE-2023-24038
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Services

22/ssh

8.5
CVE-2023-24038
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Services

22/ssh

8.5
Login

CVE-2019-9193