241 matches found
CVE-2025-36220 Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.
IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
CVE-2025-36220 Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.
IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
CVE-2025-36368 IBM Sterling B2B Integrator and IBM Sterling File Gateway SQL Injection
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, and 6.2.1.0 through 6.2.1.11 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or...
CVE-2025-36368
IBM Sterling B2B Integrator and IBM Sterling File Gateway are affected by a SQL injection vulnerability (CVE-2025-36368) in the Dashboard UI affecting versions 6.1.0.0–6.1.2.7_2, 6.2.0.0–6.2.0.5_1, and 6.2.1.0–6.2.1.1_1. The issue allows an administrative user to send crafted SQL statements to vi...
GHSA-5QW5-WF2Q-F538 ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection
ActiveRecord-JDBC-Adapter AR-JDBC contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the sql.gsub function in lib/arjdbc/jdbc/adapter.rb not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or...
CVE-2021-33688
SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework restrictions, only some information can be obtained...
CVE-2024-41767
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
CVE-2025-13214 IBM Aspera Orchestrator SQL Injection
IBM Aspera Orchestrator 4.0.0 through 4.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
CVE-2025-42889
SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this vulnerability has a low impact on the application's confidentiality and integrity but no impact on its availability...
CVE-2025-42889
CVE-2025-42889 affects SAP Starter Solution. An authenticated attacker can execute crafted database queries, exposing the back-end database. Impact is described as low for confidentiality and integrity, with no availability impact. Multiple connected sources (NVD/Red Hat/NCSc/CVE listing) confirm...
CVE-2025-42889 SQL Injection vulnerability in SAP Starter Solution (PL SAFT)
SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this vulnerability has a low impact on the application's confidentiality and integrity but no impact on its availability...
CVE-2025-42889 SQL Injection vulnerability in SAP Starter Solution (PL SAFT)
SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this vulnerability has a low impact on the application's confidentiality and integrity but no impact on its availability...
SAP S/4HANA SQL注入漏洞
SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. SAP S/4HANA suffers from a SQL injection vulnerability that originates from an authenticated attacker being able to execute a specially crafted database query, which could...
PT-2025-46230
Name of the Vulnerable Software and Affected Versions SAP Starter Solution affected versions not specified Description SAP Starter Solution allows an authenticated attacker to execute crafted database queries, potentially exposing the back-end database. This can impact the confidentiality and...
EUVD-2020-24802
Malware in sbrugna...
EUVD-2019-13395
Malware in sbrugna...
EUVD-2020-25894
Malware in sbrugna...
EUVD-2019-14359
Malware in sbrugna...
EUVD-2023-38002
Malicious code in bioql PyPI...
EUVD-2022-27484
Malicious code in bioql PyPI...