712 matches found
EUVD-2023-34984
Malicious code in bioql PyPI...
EUVD-2023-27011
Malicious code in bioql PyPI...
EUVD-2025-10403
Malicious code in bioql PyPI...
EUVD-2023-41274
Malicious code in bioql PyPI...
EUVD-2023-41370
Malicious code in bioql PyPI...
EUVD-2023-2874
Malicious code in bioql PyPI...
EUVD-2023-34936
Malicious code in bioql PyPI...
EUVD-2022-27686
Malicious code in bioql PyPI...
CVE-2025-34227
Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...
ROS-20250924-06
A vulnerability in the Django web application software platform is related to insufficient cleanup of the user data in FilteredRelation column aliases. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in the database A vulnerability in the...
ROS-20250923-19
A vulnerability in the Zabbix universal monitoring system is related to insufficient cleaning of user data transmitted via the "Visible Name" field during automatic host deletion. data transmitted via the "Visible Name" field during automatic host deletion. Exploitation vulnerability could allow ...
DEBIAN-CVE-2025-59431
MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipula...
Metabase 0.41.x < 0.41.7 / 0.42.x < 0.42.4 / 1.41.x < 1.41.7 / 1.42.x < 1.42.4
The version of Metabase installed on the remote host is prior to Unknown. It is, therefore, affected by a Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called ATTACH DATABASE, which allows connecting multiple SQLite databases via the...
Information Disclosure
apachesuperset is vulnerable to information disclosure. The vulnerability is due to improper exposure of database queries in the /chart/data API response, which allows an attacker to access sensitive schema information such as table names...
JetBrains IntelliJ IDEA HTML Injection Vulnerability
JetBrains IntelliJ IDEA is an integrated development environment IDE developed by JetBrains , designed to improve developer productivity and code quality , mainly for Java programming , but also supports Kotlin, Web, Spring and other languages and frameworks . JetBrains IntelliJ IDEA suffers from...
JetBrains IntelliJ IDEA 安全漏洞
JetBrains IntelliJ IDEA is an integrated development environment IDE developed by JetBrains , designed to improve developer productivity and code quality , mainly for Java programming , but also supports Kotlin, Web, Spring and other languages and frameworks . JetBrains IntelliJ IDEA suffers from...
SUSE SLES15 Security Update : go1.24-openssl (SUSE-SU-2025:02837-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02837-1 advisory. Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS...
CVE-2025-54474
A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands...
Malicious code in ecinc-cloud-moaxmpp (npm)
Package exhibits multiple malicious behaviors: Office doc access/encryption, DB interaction, local storage clearing, arbitrary code execution, /dev/shm ref. The code includes a native bridge that allows it to execute arbitrary SQL queries on a mobile device’s database when used within a specific...
Code-Projects Simple Online Hotel Reservation System 注入漏洞
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter roomid in the file...