CVE-2025-67280
In TIM BPM Suite / TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user...
EUVD-2025-35106
SQL Injection vulnerability in OpenText Flipper allows SQL Injection. The vulnerability could allow a low-privileged user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...
CVE-2025-8052
SQL Injection vulnerability in OpenText Flipper allows SQL Injection. The vulnerability could allow a low-privileged user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...
EUVD-2025-32540
XWiki Platform is vulnerable to HQL injection via wiki and space search REST API...
SQL Injection
Overview: Affected versions of this package are vulnerable to SQL Injection via the orderField parameter in the REST API. An attacker can execute arbitrary HQL statements by injecting crafted input, potentially leading to unauthorized data access or manipulation. Remediation: Upgrade...
EUVD-2023-29966
Malicious code in bioql PyPI...
CVE-2023-26093
Liima before 1.17.28 allows Hibernate Query Language (HQL) injection, related to colToSort in the deployment filter...
PT-2020-6996 · Xwiki · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 6.3-milestone-2 through 13.10.4...
HITB16 talk analysis: new methods of ORM injection in Java applications - vulnerability warning - the black bar safety net
The "Hack In The Box" conference is a globally well-known security summit held in Amsterdam, Europe. This year's conference was very interesting; in one talk, security researchers Mikhail Egorov and Sergey Soldatov presented the topic "Java application ORM injection the development of new...