Lucene search
K

241 matches found

OSV
OSV
added 2023/08/08 1:15 a.m.6 views

CVE-2023-37483

SAP PowerDesigner - version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries against the back-end database via Proxy...

9.8CVSS5.9AI score0.01041EPSS
Exploits0References2
NVD
NVD
added 2023/08/08 1:15 a.m.33 views

CVE-2023-37483

SAP PowerDesigner - version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries against the back-end database via Proxy...

9.8CVSS9.7AI score0.01041EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.6 views

PT-2023-6500 · Sap · Sap Powerdesigner

Name of the Vulnerable Software and Affected Versions: SAP PowerDesigner version 16.7 Description: The issue is related to improper access control in SAP PowerDesigner, which could allow an unauthenticated attacker to run arbitrary queries against the back-end database via a proxy. This could...

10CVSS7.3AI score0.01041EPSS
Exploits0References7
NVD
NVD
added 2023/07/19 4:15 p.m.12 views

CVE-2023-25838

There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex a...

7.5CVSS8AI score0.00502EPSS
Exploits0References1
Prion
Prion
added 2023/07/19 4:15 p.m.16 views

Sql injection

There is SQL injection vulnerability in Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 that may allow a local, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is...

3.5CVSS7.2AI score0.00174EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/07/19 4:15 p.m.14 views

Sql injection

There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex a...

4.6CVSS8AI score0.00502EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/19 3:37 p.m.13 views

CVE-2023-25838 BUG-000157278 – ArcGIS Insights has a security vulnerability.

There is SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex a...

7.5CVSS8.4AI score0.00502EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/19 12:0 a.m.7 views

Esri ArcGIS Insights Desktop SQL注入漏洞

Esri ArcGIS Insights Desktop is a data analysis workbench from Environmental Systems Research Institute Esri, Inc. A SQL injection vulnerability exists in Esri ArcGIS Insights Desktop version 2022.1 ArcGIS Enterprise that originates from a vulnerability that could allow a remotely-authorized...

7.5CVSS8AI score0.00502EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/19 12:0 a.m.7 views

Esri ArcGIS Insights Desktop SQL注入漏洞

Esri ArcGIS Insights Desktop is a data analysis workbench from Environmental Systems Research Institute Esri, Inc. A SQL injection vulnerability exists in Esri ArcGIS Insights Desktop version 2022.1 Windows, Mac that originates from a vulnerability that allows a locally-authorized attacker to...

7CVSS7.7AI score0.00174EPSS
Exploits0References2
NVD
NVD
added 2023/05/10 5:15 a.m.19 views

CVE-2023-32569

An issue was discovered in Veritas InfoScale Operations Manager VIOM before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers who must have admin credentials to submit arbitrary SQL...

9.8CVSS8AI score0.00582EPSS
Exploits0References1
NVD
NVD
added 2023/03/21 5:15 p.m.26 views

CVE-2023-25684

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 247597...

9.8CVSS8.1AI score0.00971EPSS
Exploits0References2
Prion
Prion
added 2023/03/21 5:15 p.m.15 views

Sql injection

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 247597...

7.5CVSS9.3AI score0.00971EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 10:45 a.m.23 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to SQL injection attack (CVE-2022-40615)

Summary IBM Sterling Partner Engagement Manager has addressed a SQL injection vulnerability. Vulnerability Details CVEID:CVE-2022-40615 DESCRIPTION: IBM Sterling Partner Engagement Manager is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could...

9.8CVSS8.2AI score0.00688EPSS
Exploits0Affected Software1
NVD
NVD
added 2023/01/04 6:15 p.m.27 views

CVE-2022-22338

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510...

9.8CVSS7.9AI score0.00677EPSS
Exploits0References2
Prion
Prion
added 2023/01/04 6:15 p.m.17 views

Sql injection

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510...

7.5CVSS9.3AI score0.00677EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/10/31 12:0 a.m.41 views

Simple Cold Storage Management System SQL Injection Vulnerability (CNVD-2023-69723)

Simple Cold Storage Management System is a simple cold storage management system. A SQL injection vulnerability exists in Simple Cold Storage Management System. An attacker could use this vulnerability to view, add, modify, or delete information in a back-end database...

7.2CVSS7.7AI score0.01066EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.6 views

Simple Cold Storage Management System SQL注入漏洞

Simple Cold Storage Management System is a simple cold storage management system. A SQL injection vulnerability exists in Simple Cold Storage Management System. An attacker could use this vulnerability to view, add, modify, or delete information in a back-end database...

7.2CVSS7.7AI score0.01066EPSS
Exploits2References4
Prion
Prion
added 2022/10/26 10:15 a.m.19 views

Sql injection

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...

7.5CVSS9.7AI score0.00729EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/25 12:0 a.m.49 views

CVE-2022-2422 Feathers - SQL injection via attribute aliases

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...

10CVSS10AI score0.00729EPSS
Exploits0References2
OSV
OSV
added 2022/10/25 12:0 a.m.27 views

CVE-2022-2422 Feathers - SQL injection via attribute aliases

Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used...

10CVSS7.2AI score0.00729EPSS
Exploits0References4
Rows per page
Query Builder