CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5096 matches found

Github Security Blog•added 2025/10/09 3:31 p.m.•6 views

Apache Flink CDC is vulnerable to SQL Injection through maliciously crafted identifiers

Apache Flink CDC version 3.0.0 to before 3.5.0 are vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, users are recommended to update Flink CDC version to 3.5.0...

8.8CVSS8AI score0.00415EPSS

Exploits0References6Affected Software5

Snyk•added 2025/10/09 1:42 p.m.•3 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the quote function that fails to properly escape special characters. An attacker can execute arbitrary SQL commands by supplying specially crafted input values for database name or table names. Remediation Upgrade...

8.8CVSS8.6AI score0.00415EPSS

Exploits0References2

Positive Technologies•added 2025/10/09 12:0 a.m.•4 views

PT-2025-41380

Name of the Vulnerable Software and Affected Versions Apache Flink CDC version 3.4.0 Description The software is susceptible to a SQL injection due to maliciously crafted identifiers, such as a crafted database name or table name. The attack can only be triggered by a logged-in database user...

8.8CVSS7.4AI score0.00415EPSS

Exploits0References11

The Hacker News•added 2025/10/07 10:36 a.m.•6 views

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. "XWorm's modular design is built around a core client and an array of specialized components known as plugins," Trellix...

8.6AI score

Exploits0