Lucene search
K

233 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4658

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01682EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-49621

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00575EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-29608

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00939EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/12 7:11 a.m.4 views

CVE-2025-9943

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...

9.1CVSS8.2AI score0.00368EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/08/26 3:55 p.m.206 views

Exploit for Out-of-bounds Write in Php

Task Management APP CVE-2019-11043 Lab Minimal PHP app with...

9.8CVSS7.2AI score0.9947EPSS
Exploits55
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2011-4899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate,...

7.5CVSS6.4AI score0.08982EPSS
Exploits8References2
OSV
OSV
added 2025/08/22 5:52 p.m.7 views

CLSA-2025-1755885175 Fix CVE(s): CVE-2025-29088

SECURITY UPDATE: denial of service via sqlite3dbconfig argument values - debian/patches/CVE-2025-29088.patch: harden the SQLITEDBCONFIGLOOKASIDE interface against misuse, such as described in forum post 48f365daec Enhancements to the SQLITEDBCONFIGLOOKASIDE documentation - CVE-2025-29088...

5.6CVSS6.6AI score0.00179EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/09 12:0 a.m.6 views

PT-2025-32436 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The issue stems from an insecure database configuration established by the user, and was initially identified as a potential security concern but was later...

7AI score
Exploits0References2
Cvelist
Cvelist
added 2025/07/07 4:47 p.m.7 views

CVE-2025-53527 WeGIA allows Time-Based Blind SQL Injection in the relatorio_geracao.php endpoint

WeGIA is a web manager for charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in the almox parameter of the /controle/relatoriogeracao.php endpoint. This issue allows attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or...

8.3CVSS0.00408EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/28 12:0 a.m.29 views

VulnCheck KEV: CVE-2024-30269

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. The vulnerability has...

5.3CVSS5.8AI score0.16EPSS
In wildExploits2References53
RedhatCVE
RedhatCVE
added 2025/06/25 12:47 p.m.14 views

CVE-2025-6513

Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it...

9.3CVSS7.3AI score0.00146EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/23 12:0 a.m.5 views

Bizerba BRAIN2 安全漏洞

Bizerba BRAIN2 is an industrial software platform from Bizerba, Germany. A security vulnerability exists in Bizerba BRAIN2 that stems from the possibility that a standard Windows user could access and decrypt database configuration files...

9.3CVSS6.6AI score0.00146EPSS
Exploits0References1
OSV
OSV
added 2025/05/31 12:59 a.m.5 views

SUSE-SU-2025:01456-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - CVE-2025-29087,CVE-2025-3277: Fixed integer overflow in sqlite concat function bsc1241020 - CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: - Updated to version 3.49.1 from Factory...

9.8CVSS6.4AI score0.00718EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 10:9 a.m.4 views

CVE-2024-30269

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. The vulnerability has...

5.3CVSS6.4AI score0.16EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:16 p.m.6 views

CVE-2021-20136

ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...

9.8CVSS7.8AI score0.10453EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:48 p.m.7 views

CVE-2020-10235

An issue was discovered in Froxlor before 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of backupExistingDatabase in install/lib/class.FroxlorInstall.php...

8.8CVSS7.4AI score0.01682EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:9 a.m.7 views

CVE-2013-0192

File Disclosure in SMF SimpleMachines Forum = 2.0.3: Forum admin can read files such as the database config...

4.9CVSS6.9AI score0.0376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 a.m.16 views

CVE-2019-13970

In antSword before 2.1.0, self-XSS in the database configuration leads to code execution via modules/database/asp/index.js, modules/database/custom/index.js, modules/database/index.js, or modules/database/php/index.js...

6.1CVSS7.4AI score0.01874EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:47 a.m.8 views

CVE-2011-4899

wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static...

7.5CVSS7AI score0.08982EPSS
Exploits8References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:34 a.m.7 views

CVE-2019-19018

An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a database configuration file under /include/dbconfig.ini in the web administration interface, revealing what database the web application is using...

4CVSS7AI score0.00799EPSS
Exploits1References1
Rows per page
Query Builder