256 matches found
CVE-2024-57664
An issue in the sqlggroupnode component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57642
An issue in the dfeinxopcoldeftable component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57651
An issue in the jpadd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57663
The CVE-2024-57663 issue affects the virtuoso-opensource package, specifically the sqlg_place_dpipes component in version 7.2.11. The vulnerability allows attackers to trigger a Denial of Service (DoS) via crafted SQL statements. Public advisories (Amazon Linux 2 ALAS/ALAS2-2755) indicate the aff...
CVE-2024-57660
CVE-2024-57660 affects virtuoso-opensource v7.2.11 (sqlo_expand_jts). The vulnerability allows remote attackers to cause a Denial of Service via crafted SQL statements. Root cause is an issue in the sqlo_expand_jts component, leading to availability impact. Public advisories confirm the issue and...
CVE-2024-57646
An issue in the psiginfo component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-52360 IBM Concert Software SQL injection
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
The vulnerability of the __nss_database_lookup component in the Virtuoso-opensource web application development platform allows a attacker to trigger a service failure.
The vulnerability of the nssdatabaselookup component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially create...
The vulnerability of the mp_box_copy component in the Virtuoso-opensource web application development platform allows a attacker to trigger a service failure.
The vulnerability of the mpboxcopy component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to trigger a service failure using specially created SQL...
USN-6832-1 virtuoso-opensource vulnerabilities
Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-31607, CVE-2023-31608, CVE-2023-31609, CVE-2023-31610, CVE-2023-31611,...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the dfeqexplist component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to a Denial of Service DoS attack. The vulnerability is due to an issue in the libclongjmp component, which allows attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the dksetdelete component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the schnametoobject component, allowing attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the sqlcuniondtwrap component, allowing attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the chasharray component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the artmdivint component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the dfeunitcolloci component, allowing attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the sqloqueryspec component, enabling attackers to cause a DoS via crafted SQL statements...
SQL Injection
openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the kcvarcol component, enabling attackers to cause a DoS via crafted SQL statements...