Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.17 views

EUVD-2022-5849

Malicious code in bioql PyPI...

6.8CVSS6.1AI score0.00822EPSS
Exploits1References6
OSV
OSV
added 2022/05/17 2:37 a.m.39 views

GHSA-XR4V-28RM-PVGW Improper Neutralization of Special Elements used in an SQL Command Pivotal Spring Data JPA

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 Gosling SR6 and 1.10.x before 1.10.4 Hopper SR4, when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call...

5.6CVSS6.4AI score0.00822EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/05/17 2:37 a.m.32 views

Improper Neutralization of Special Elements used in an SQL Command Pivotal Spring Data JPA

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 Gosling SR6 and 1.10.x before 1.10.4 Hopper SR4, when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call...

6.8CVSS5.8AI score0.00822EPSS
Exploits1References7Affected Software1
CNVD
CNVD
added 2016/10/13 12:0 a.m.5 views

Pivotal Spring Data JPA SQL Injection Vulnerability

Pivotal is a new company formed by EMC and VMware. A SQL injection vulnerability exists in Pivotal Spring Data JPA due to the program's inability to adequately clean user input data. An attacker could exploit the vulnerability to access and modify data...

6.8CVSS7.9AI score0.00822EPSS
Exploits1References1
NVD
NVD
added 2016/10/05 4:59 p.m.22 views

CVE-2016-6652

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 Gosling SR6 and 1.10.x before 1.10.4 Hopper SR4, when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call...

6.8CVSS6.3AI score0.00822EPSS
Exploits1References5
OSV
OSV
added 2016/10/05 4:59 p.m.12 views

CVE-2016-6652

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 Gosling SR6 and 1.10.x before 1.10.4 Hopper SR4, when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call...

5.6CVSS6.2AI score0.00822EPSS
Exploits1References5
Prion
Prion
added 2016/10/05 4:59 p.m.20 views

Sql injection

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 Gosling SR6 and 1.10.x before 1.10.4 Hopper SR4, when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call...

6.8CVSS8.7AI score0.00822EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2016/10/05 4:0 p.m.27 views

CVE-2016-6652

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 Gosling SR6 and 1.10.x before 1.10.4 Hopper SR4, when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call...

6.5AI score0.00822EPSS
Exploits1References5
Rows per page
Query Builder