737 matches found

BDU FSTEC
added 2025/07/30 12:0 a.m. | 7 views

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to a stack-based buffer overflow, allows an attacker to cause service interruptions.

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially crafted requests...

CVSS 6.8 | AI score 5.8 | EPSS 0.00291
Exploits 0 | References 2 | Affected Software 2

OSV
added 2025/07/29 1:38 p.m. | 5 views

RLSA-2024:0974 Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL (CVE-2024-0985). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

CVSS 8 | AI score 7.3 | EPSS 0.01465
Exploits 0 | References 2

OSV
added 2025/07/29 1:38 p.m. | 14 views

RLSA-2025:3082 Important: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation (CVE-2025-1094). For more details about the security issues, including the impact, a CVSS score,...

CVSS 8.1 | AI score 8.4 | EPSS 0.89472
Exploits 10 | References 2

CNVD
added 2025/07/25 12:0 a.m. | 5 views

WordPress Extensions For CF7 Plugin Path Traversal Vulnerability

WordPress Extensions For CF7 Plugin is a plugin that extends the functionality of Contact Form 7, mainly used to enhance the database management, conditional logic processing and user guidance capabilities of native forms. The WordPress Extensions For CF7 Plugin suffers from a path traversal...

CVSS 8.1 | AI score 7 | EPSS 0.00777
Exploits 0 | References 1

BDU FSTEC
added 2025/07/18 12:0 a.m. | 5 views

Vulnerability in the Server component of the MySQL Server database management system that allows an attacker to cause service interruptions.

Vulnerability of the MySQL Server component: The DDL system for database management of MySQL Server is vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

CVSS 6.8 | AI score 7 | EPSS 0.00485
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2025/07/18 12:0 a.m. | 7 views

Vulnerability in the Server component of the MySQL Server database management system that allows an attacker to cause service interruptions.

Vulnerability of the MySQL Server component: The DDL system for database management of MySQL Server is vulnerable to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 4 | AI score 7.1 | EPSS 0.00423
Exploits 0 | References 2 | Affected Software 1

CVE
added 2025/07/14 11:50 p.m. | 47 views

CVE-2025-53889

Summary: CVE-2025-53889 affects Directus up to 11.9.0 where manual trigger Flows do not validate whether the triggering user has read permissions for payload items, potentially allowing unauthorized actions. The issue is fixed in 11.9.0; a workaround is to add permission checks for read access to...

CVSS 6.5 | AI score 7.1 | EPSS 0.00395
Exploits 0 | References 3 | Affected Software 1

Positive Technologies
added 2025/07/14 12:0 a.m. | 6 views

PT-2025-29528 · Directus · Directus

Name of the Vulnerable Software and Affected Versions: Directus versions 9.0.0 through 11.8.99 Description: Directus is a real-time API and App dashboard for managing SQL database content. The exact Directus version number is exposed by the /server/specs/oas endpoint without authentication in...

CVSS 5.3 | AI score 7.2 | EPSS 0.00452
Exploits 0 | References 13

Redos
added 2025/07/03 12:0 a.m. | 5 views

ROS-20250703-03

A vulnerability in the pgAdmin 4 database management tool is related to improper sanitization of user-supplied data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 6.1 | AI score 8 | EPSS 0.0091
Exploits 0

Redos
added 2025/07/03 12:0 a.m. | 5 views

ROS-20250703-01

A vulnerability in the Server Mode LDAP authentication configuration of the pgAdmin 4 database management tool is related to incorrect session commit as a result of improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the security restrictions...

CVSS 8 | AI score 7.8 | EPSS 0.0044
Exploits 0

Redos
added 2025/07/01 12:0 a.m. | 5 views

ROS-20250630-01

A vulnerability in the pgAdmin 4 database management tool exists due to an incorrect restriction of a pathname to a restricted directory. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

CVSS 9.8 | AI score 9.6 | EPSS 0.64846
Exploits 5

CVE
added 2025/06/17 4:31 a.m. | 26 views

CVE-2025-6160

CVE-2025-6160 affects SourceCodester Client Database Management System 1.0. It affects the file /user_customer_create_order.php, where manipulation of the user_id parameter enables SQL injection. The issue can be exploited remotely and, per sources, the exploit has been disclosed publicly. Public m...

CVSS 9.8 | AI score 7.5 | EPSS 0.00502
Exploits 1 | References 5 | Affected Software 1

Cvelist
added 2025/06/17 4:31 a.m. | 20 views

CVE-2025-6160 SourceCodester Client Database Management System user_customer_create_order.php SQL injection

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /user_customer_create_order.php. The manipulation of the argument user_id leads to SQL injection. The attack may be initiat...

CVSS 7.5 | EPSS 0.00502
Exploits 1 | References 5

CNNVD
added 2025/06/17 12:0 a.m. | 2 views

SourceCodester Client Database Management System Injection Vulnerability

SourceCodester Client Database Management System is an open-source client database management system from SourceCodester. An injection vulnerability exists in SourceCodester Client Database Management System version 1.0, which originates from SQL injection due to incorrect manipulation of the paramete...

CVSS 9.8 | AI score 7.8 | EPSS 0.00502
Exploits 1 | References 7

Positive Technologies
added 2025/06/17 12:0 a.m. | 5 views

PT-2025-25618

Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical issue has been found in the software, affecting the processing of the file /user_customer_create_order.php. The manipulation of the user_id argument leads to S...

CVSS 9.8 | AI score 6.8 | EPSS 0.00502
Exploits 1 | References 13

NVD
added 2025/06/16 9:15 a.m. | 9 views

CVE-2025-40728

SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customersupport/manageuser.php endpoint...

CVSS 8.8 | EPSS 0.00419
Exploits 0 | References 1

CVE
added 2025/06/10 10:3 a.m. | 47 views

CVE-2025-40655

CVE-2025-40655 describes a SQL injection in DM Corporative CMS exploitable through the name parameter of /antcatalogue.asp, enabling an attacker to retrieve, create, update, and delete data in the back-end database. The vulnerability is documented across multiple sources (NVD, Red Hat, CNVD/CNNVD...

CVSS 9.8 | AI score 8.1 | EPSS 0.00312
Exploits 0 | References 1 | Affected Software 1

RedhatCVE
added 2025/06/09 6:9 p.m. | 6 views

CVE-2025-5840

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

CVSS 7.5 | AI score 7.1 | EPSS 0.00378
Exploits 2 | References 1

NVD
added 2025/06/07 6:15 p.m. | 13 views

CVE-2025-5840

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

CVSS 7.5 | EPSS 0.00378
Exploits 2 | References 5

OSV
added 2025/06/07 6:15 p.m. | 3 views

CVE-2025-5840

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

CVSS 6.9 | AI score 5.6 | EPSS 0.00378
Exploits 2 | References 5