Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/08/14 2:24 a.m.8 views

CVE-2025-42949

Due to a missing authorization check in the ABAP Platform, an authenticated user with elevated privileges could bypass authorization restrictions for common transactions by leveraging the SQL Console. This could enable an attacker to access and read the contents of database tables without proper...

4.9CVSS7.5AI score0.00062EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2022/10/19 8:15 a.m.1 views

CVE-2022-42467

When running in prototype mode, the h2 webconsole module accessible from the Prototype menu is automatically made available with the ability to directly query the database. It was felt that it is safer to require the developer to explicitly enable this capability. As of 2.0.0-M8, this can now be...

5.3CVSS5.8AI score0.00431EPSS
Exploits0References3
Packet Storm
Packet Stormadded 2022/01/25 12:0 a.m.310 views

H2 Database Console Remote Code Execution

Document Title =============== Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221. Product Description =============== The H2 Console Application The Console lets you access a SQL database using a browser interface. Homepage: http://www.h2database.com/html/quickstart.html Affecte...

0.1AI score0.26568EPSS
Exploits4
Check Point Advisories
Check Point Advisoriesadded 2022/01/23 12:0 a.m.8 views

H2 Database Console Remote Code Execution (CVE-2021-42392)

A remote code execution vulnerability exists in H2 Database Console. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.7AI score0.90592EPSS
Exploits3
NCSC
NCSCadded 2022/01/07 12:0 a.m.3 views

Vulnerability fixed in H2 Database Console

A vulnerability has been found in the Console component of H2 Database. This vulnerability allows a local malicious person to to execute arbitrary code under application privileges. Researchers at JFrog found this vulnerability during additional research on Java vulnerabilities following Log4j. S...

10CVSS7.4AI score0.90592EPSS
Exploits3
Cvelist
Cvelistadded 2004/09/01 4:0 a.m.20 views

CVE-2002-1137

Buffer overflow in the Database Console Command DBCC that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine MSDE 1.0 and Microsoft Desktop Engine MSDE 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data...

7.9AI score0.14525EPSS
Exploits1References6
NVD
NVDadded 2002/10/11 4:0 a.m.14 views

CVE-2002-1137

Buffer overflow in the Database Console Command DBCC that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine MSDE 1.0 and Microsoft Desktop Engine MSDE 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data...

7.5CVSS7.9AI score0.14525EPSS
Exploits1References6
Rows per page
Query Builder