Lucene search
K

69 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : cyrus-sasl-2.1.26-24.el7 (AXSA:2022-3085:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3085:02 advisory. cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands CVE-2022-24407 Tenable has extracted the preceding...

8.8CVSS8.6AI score0.04123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements used in an SQL Command (CVE-2022-24407)

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

8.8CVSS7.1AI score0.04123EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 3: cyrus-sasl (TSSA-2022:0013)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0013 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.7AI score0.08036EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.9 views

Alibaba Cloud Linux 3 : 0013: cyrus-sasl (ALINUX3-SA-2022:0013)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0013 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-19906: cyrus-sasl aka Cyrus SASL...

8.8CVSS7.7AI score0.08036EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.31 views

CentOS 9 : cyrus-sasl-2.1.27-20.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the cyrus- sasl-2.1.27-20.el9 build changelog. - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement...

8.8CVSS7.7AI score0.04123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.11 views

Rocky Linux 8 : cyrus-sasl (RLSA-2022:0658)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0658 advisory. - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407 Note that...

8.8CVSS7.7AI score0.04123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.14 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : cyrus-sasl Vulnerability (NS-SA-2023-0012)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cyrus-sasl packages installed that are affected by a vulnerability: - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407 Note...

8.8CVSS7.7AI score0.04123EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.9 views

Mageia: Security Advisory (MGASA-2023-0095)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.04123EPSS
Exploits0References4
OSV
OSV
added 2023/03/18 10:16 p.m.6 views

MGASA-2023-0095 Updated mysql-connector-c++ packages fix security vulnerability

The program plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407...

8.8CVSS8.9AI score0.04123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.3 views

SUSE CVE-2022-24407

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement...

8.8CVSS9.2AI score0.04123EPSS
Exploits0References89
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for cyrus-sasl (EulerOS-SA-2023-1250)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.04123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/30 12:0 a.m.23 views

EulerOS Virtualization 3.0.2.2 : cyrus-sasl (EulerOS-SA-2023-1250)

According to the versions of the cyrus-sasl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE...

8.8CVSS7.5AI score0.04123EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.41 views

Security Bulletin: A Cyrus SASL vulnerability affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2022-24407)

Summary A Cyrus SASL vulnerability affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2022-24407. Please see below for details on how to remediate this issue. Vulnerability Details CVEID:CVE-2022-24407 DESCRIPTION: Cyrus SASL is vulnerable to SQL injection. A remote...

8.8CVSS8.6AI score0.04123EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/10 12:0 a.m.39 views

Amazon Linux 2022 : cyrus-sasl (ALAS2022-2022-234)

The version of cyrus-sasl installed on the remote host is prior to 2.1.27-18. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-234 advisory. - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE...

8.8CVSS7.7AI score0.04123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.31 views

NewStart CGSL MAIN 6.02 : cyrus-sasl Vulnerability (NS-SA-2022-0088)

The remote NewStart CGSL host, running version MAIN 6.02, has cyrus-sasl packages installed that are affected by a vulnerability: - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407 Note that Nessus h...

8.8CVSS7.7AI score0.04123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.29 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : cyrus-sasl Vulnerability (NS-SA-2022-0077)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has cyrus-sasl packages installed that are affected by a vulnerability: - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407 Note...

8.8CVSS7.7AI score0.04123EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/10/12 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for cyrus-sasl (EulerOS-SA-2022-2552)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.04123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/10 12:0 a.m.28 views

EulerOS Virtualization 3.0.6.0 : cyrus-sasl (EulerOS-SA-2022-2552)

According to the versions of the cyrus-sasl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE...

8.8CVSS7.5AI score0.04123EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/01 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for cyrus-sasl (EulerOS-SA-2022-2177)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.04123EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for cyrus-sasl (EulerOS-SA-2022-2049)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.04123EPSS
Exploits0References2
Rows per page
Query Builder