CVE-2022-4607

The CVE-2022-4607 issue affects 3D City Database OGC Web Feature Service (WFS) up to version 5.2.0. The root cause is an XML External Entity (XXE) reference introduced during processing, enabling potentially sensitive data exposure or other impact as described. A fix is available: upgrade to vers...

VulnCheck KEV: CVE-2023-25157

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language CQL as part of the Web Feature Service WFS and Web Map Service WMS protocols...

UBUNTU-CVE-2017-5522

Stack-based buffer overflow in MapServer before 6.0.6, 6.2.x before 6.2.4, 6.4.x before 6.4.5, and 7.0.x before 7.0.4 allows remote attackers to cause a denial of service crash or execute arbitrary code via vectors involving WFS get feature requests...

CVE-2013-7232

SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service...

Sql injection

SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service...