SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the AddressRepository::getSqlQuery method that constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore...

Security Bulletin: Security vulnerability has been found in IBM Security Verify Directory (Container) used by IBM Security Verify Governance Identity Manager Adapters

Summary IBM Security Verify Governance Identity Manager Adapters uses IBM Security Verify Directory Container. Information about security vulnerability affecting IBM Security Verify Directory Container has been published in security bulletin. Vulnerability Details Refer to the security bulletins...

Dolibarr ERP/CRM SQL注入漏洞

Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system developed by the Dolibarr Foundation in France. This system can be used to manage products, inventory, invoices, orders, etc. Version 10.0.1 of Dolibarr ERP/CRM has a SQL injection...

Splunk Enterprise 9.2.0 < 9.2.9, 9.3.0 < 9.3.7, 9.4.0 < 9.4.5, 10.0.0 < 10.0.1 (SVD-2025-1102)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1102 advisory. - In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116,...

Splunk Cloud Platform和Splunk Enterprise 信息泄露漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. An information disclosure vulnerability exists...

CLSA-2025-1760459898 Update of libndp

bump version to 1.2-10.0.1...

EUVD-2008-6926

Malware in sbrugna...

EUVD-2012-6500

Malware in sbrugna...

EUVD-2023-55106

Malicious code in bioql PyPI...

EUVD-2023-55105

Malicious code in bioql PyPI...

EUVD-2022-32408

Malicious code in bioql PyPI...

EUVD-2025-18801

Malicious code in bioql PyPI...

EUVD-2025-8631

Malicious code in bioql PyPI...

EUVD-2025-18803

Malicious code in bioql PyPI...

EUVD-2023-53781

Malicious code in bioql PyPI...

EUVD-2025-18802

Malicious code in bioql PyPI...

CVE-2023-49883

IBM Transformation Extender Advanced 10.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts...

CVE-2025-20370

In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a user who holds a role that contains the high-privilege capability changeauthentication, could send multiple LDAP bind requests to a specific...

CVE-2023-49883

IBM Transformation Extender Advanced 10.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts...

CVE-2023-50300

IBM Transformation Extender Advanced 10.0.1 could allow a local user to perform unauthorized actions due to improper access controls...