Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.11 views

CVE-2026-52758

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the...

8.8CVSS5.8AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 2:16 p.m.12 views

CVE-2026-52758

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the...

8.8CVSS0.00309EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 12:42 p.m.39 views

CVE-2026-52758 Ghidra < 12.1 - SQL Injection via Unescaped Filter Values in BSim Search

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the...

8.8CVSS0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 12:42 p.m.7 views

CVE-2026-52758 Ghidra < 12.1 - SQL Injection via Unescaped Filter Values in BSim Search

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the...

8.8CVSS5.8AI score0.00309EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 12:42 p.m.38 views

CVE-2026-52758

Summary: Ghidra before 12.1 suffers a SQL injection in the BSim filter types where user-supplied values are directly concatenated into SQL queries without escaping or parameterization. This enables remote attackers to inject arbitrary SQL via the BSim network query protocol, potentially reading, ...

8.8CVSS5.8AI score0.00309EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/10 12:42 p.m.11 views

EUVD-2026-36017

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the...

8.8CVSS5.8AI score0.00309EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.13 views

NSA Ghidra SQL注入漏洞

NSA Ghidra is an open-source reverse-engineering tool developed by the National Security Agency National Security Agency of the United States. Prior to version 12.1 of NSA Ghidra, there was a SQL injection vulnerability. This vulnerability stemmed from the BSim filter type, which directly...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48418

Name of the Vulnerable Software and Affected Versions Ghidra versions prior to 12.1 Description BSim filter types concatenate user-supplied values directly into SQL queries without escaping or parameterization. This allows remote attackers to inject arbitrary SQL via the BSim network query protoc...

8.8CVSS5.7AI score0.00309EPSS
Exploits0References7
Trellix
Trellix
added 2024/08/09 12:0 a.m.10 views

No symbols? No problem!

No symbols? No problem! By Trellix · August 9, 2024 This blog was written by Max Kersten Malware analysts know it all too well: the ominous feeling that washes over you when opening an unknown file in your favorite analysis tool and being greeted with hundreds or thousands of unknown functions,...

6.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/08/05 5:44 a.m.39 views

Fuzzy matching with Ghidra BSim, a guide

TL;DR BSim, Ghidra’s new built-in plugin is a game-changer for reversing firmware and other stripped binaries. Rapidly identify and annotate functions from known libraries. Fuzzy matching works with unknowns, like exact library versions and compiler options. Automatically define custom variable...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/08/12 8:27 a.m.17 views

bsim-engineering.com Cross Site Scripting vulnerability OBB-3575669

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Rows per page
Query Builder