Lucene search
K

16 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/18 5:48 a.m.6 views

CVE-2026-55740

Nur-Alam39 bus-ticket no released versions; latest commit 459cabdbeb99c00225b26e46e3c2c30ae1de7bad contains an unauthenticated SQL injection vulnerability in businfo.php. The busid parameter received via HTTP POST is concatenated directly into a MySQL query select from businfo where id=$busid...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/12 5:45 p.m.36 views

CVE-2026-44204 Shelf: SQL Injection via sortBy Parameter

Shelf is a platform for tracking physical assets. From 1.12 to before 1.20.1, a SQL injection vulnerability in the sortBy query parameter on the /assets route allows any authenticated user any role to execute arbitrary SQL and read data from any table in the database, including data belonging to...

6.5CVSS0.00228EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/29 10:0 p.m.253 views

Exploit for SQL Injection in Ghost

CVE-2026-26980 👻 Ghost CMS Unauthenticated SQLi via Content...

9.4CVSS6AI score0.69996EPSS
Exploits7
NVD
NVD
added 2025/10/13 10:15 p.m.5 views

CVE-2025-62383

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...

6.5CVSS0.00757EPSS
Exploits0References1
CVE
CVE
added 2025/10/13 9:9 p.m.12 views

CVE-2025-11623

CVE-2025-11623 is a SQL injection vulnerability in Ivanti Endpoint Manager (EPM) that enables a remote authenticated attacker to read arbitrary data from the database. Multiple connected sources (NVD, RH, CNVD, EUVD, CNNVD, CVE lists) describe Ivanti Endpoint Manager as the affected product and c...

6.5CVSS6AI score0.00758EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2019-19111

Malware in sbrugna...

9.4CVSS9.3AI score0.02418EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:22 a.m.5 views

CVE-2019-9748

In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...

9.4CVSS7AI score0.02418EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/09/26 12:0 a.m.7 views

PT-2024-32454 · Agnai · Agnai

Name of the Vulnerable Software and Affected Versions: Agnai versions prior to 1.0.330 Description: A vulnerability in Agnai permits attackers to read arbitrary JSON files at attacker-chosen locations on the server, leading to unauthorized access to sensitive information and exposure of...

4.3CVSS6.5AI score0.00455EPSS
Exploits0References8
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.3 views

AUVESY Versiondog 缓冲区错误漏洞

An out-of-bounds read vulnerability exists in AUVESY Versiondog, an automated production data and change management software solution from AUVESY Germany, which can be exploited by attackers to specify any offset and read out-of-bounds data...

5.7CVSS5.6AI score0.00637EPSS
Exploits0References5
OSV
OSV
added 2019/03/13 7:29 p.m.2 views

CVE-2019-9748

In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...

9.1CVSS7.2AI score0.02418EPSS
Exploits1References1
NVD
NVD
added 2019/03/13 7:29 p.m.19 views

CVE-2019-9748

In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...

9.4CVSS9.2AI score0.02418EPSS
Exploits1References1
Prion
Prion
added 2019/03/13 7:29 p.m.13 views

Information disclosure

In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...

9.4CVSS9AI score0.02418EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/03/13 7:0 p.m.19 views

CVE-2019-9748

In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...

9.2AI score0.02418EPSS
Exploits1References1
CVE
CVE
added 2019/03/13 7:0 p.m.40 views

CVE-2019-9748

Affected software: tinysvcmdns prior to 2018-01-16. Issue: processing a crafted mDNS packet can cause arbitrary data reads up to 16383 bytes from the buffer start, leading to a segmentation fault in uncompress_nlabel (mdns.c) and possible server crash, or disclosure of memory content via error me...

9.4CVSS9AI score0.02418EPSS
Exploits1References1Affected Software1
exploitpack
exploitpack
added 2017/01/27 12:0 a.m.24 views

Maian Weblog 4.0 - SQL Injection

Maian Weblog 4.0 - SQL Injection Introduction Exploit Title: Maian Weblog – SQL Injection Date: 27.01.2017 Vendor Homepage: http://www.maianweblog.com/ Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category: Web Application Exploits Overview Simple blog system...

0.3AI score
Exploits0
Ubuntu
Ubuntu
added 2011/10/18 3:49 p.m.80 views

USN-1232-1: X.Org X server vulnerabilities

It was discovered that the X server incorrectly handled certain malformed input. An authorized attacker could exploit this to cause the X server to crash, leading to a denial or service, or possibly execute arbitrary code with root privileges. This issue only affected Ubuntu 10.04 LTS and 10.10...

8.5CVSS5.8AI score0.05347EPSS
Exploits6
Rows per page
Query Builder