2400 matches found
PT-2026-25215
🟠 CVE-2026-32368 - High Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to L... https://t.co/AXMBUTPmnj https://t.co/FboOVVJUyL...
Improper Neutralization of Special Elements in Data Query Logic
Overview graphiti-core is an A temporal graph building library Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the SearchFilters.nodelabels process. An attacker can execute arbitrary Cypher queries within the privileges of th...
Improper Neutralization of Special Elements in Data Query Logic
Overview sylius/sylius is a platform for PHP, based on Symfony framework. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the order query parameter in API filters. An attacker can access sensitive information from the databas...
CVE-2025-70024
CVE-2025-70024 affects benkeen generatedata 4.0.14 and is caused by improper neutralization of special elements in SQL commands (CWE-89). The Red Hat/EUVD/NVD entries corroborate a SQLi vulnerability with a high-severity impact (CVSS v3.1: 9.8, Confidentiality/Integrity/Availability HIGH) and a n...
CVE-2025-70024
An issue pertaining to CWE-89: Improper Neutralization of Special Elements used in an SQL Command was discovered in benkeen generatedata 4.0.14...
PT-2026-24827
CVE-2025-70024 An issue pertaining to CWE-89: Improper Neutralization of Special Elements used in an SQL Command was discovered in benkeen generatedata 4.0.14. https://t.co/Am32DAzE8m...
EUVD-2026-10744
An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly...
EUVD-2026-10685
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
EUVD-2025-208441
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
CVE-2025-70038
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
PT-2026-24088
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
PT-2026-24344
Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.14.25 GitHub Enterprise Server versions prior to 3.15.20 GitHub Enterprise Server versions prior to 3.16.16 GitHub Enterprise Server versions prior to 3.17.13 GitHub Enterprise Server versions prior...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview mcp-nmap-server is a MCP server for performing network scanning using NMAP Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the childprocess.exec function in the Nmap CLI Command...
CVE-2025-11252
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026. NOTE: The vendor was contacted early about this disclosure but did not...
EUVD-2025-208137
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection.This issue affects E-Commerce Platform: through 27022026. NOTE: The vendor was contacted early about this disclosur...