Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...

CVE-2026-3470

A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database...

CVE-2026-3470

A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database...

CVE-2026-3470

A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database...

PT-2026-29346

Name of the Vulnerable Software and Affected Versions SonicWall Email Security affected versions not specified Description A flaw exists in the SonicWall Email Security appliance related to insufficient input validation. This could result in data corruption, potentially allowing a remote attacker...

CVE-2016-15050

Nagios XI versions prior to 5.2.4 contain a SQL injection vulnerability in the notification search functionality. User-supplied search parameters were incorporated into SQL statements without adequate parameterization or sanitation, allowing an authenticated user to manipulate database queries...

CVE-2012-10063

Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...

EUVD-2020-3206

Malware in sbrugna...

EUVD-2016-5328

Malware in sbrugna...

EUVD-2025-12204

Malicious code in bioql PyPI...

EUVD-2022-31405

Malicious code in bioql PyPI...

EUVD-2025-11423

Malicious code in bioql PyPI...

EUVD-2021-28689

Malicious code in bioql PyPI...

EUVD-2022-30846

Malicious code in bioql PyPI...

EUVD-2022-30845

Malicious code in bioql PyPI...

CVE-2024-25656

Improper input validation in AVSystem Unified Management Platform UMP 23.07.0.16567LTS can result in unauthenticated CPE Customer Premises Equipment devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and,...

CVE-2025-32862

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockTraceLevelSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

CVE-2025-32854

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockOpcSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

Multiple SQL Injection Vulnerabilities in Siemens TeleControl Server Basic

TeleControl Server Basic is Siemens' software for the TeleControl Basic control center, which allows remote monitoring and control of devices via WAN/LAN. Siemens TeleControl Server Basic versions prior to v3.1.2.2 contain multiple SQL injection vulnerabilities that can be exploited by an attacke...

CVE-2025-32382 Snowflake credentials logged by the Metabase backend

Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase either updating a password or changing password to private key or vice versa, Metabase would not always purge older Snowflake connection details from the...