15 matches found
EUVD-2022-25778
Malicious code in bioql PyPI...
EUVD-2025-19741
Malicious code in bioql PyPI...
CVE-2025-6943
Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables...
CVE-2025-6943
Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables...
CVE-2025-6943
The CVE-2025-6943 entry relates to Delinea Secret Server (Thycotic Secret Server) versions 11.7 and earlier. A SQL report creation vulnerability arises from insufficient validation of SQL report creation, enabling an administrator to access restricted tables. The impact is limited to local/admin ...
Delinea Secret Server 安全漏洞
Delinea Secret Server is a powerful PAM in the cloud or locally from Delinea USA. A security vulnerability exists in Delinea Secret Server version 11.7 and earlier, which stems from insufficient validation of SQL report creation and could lead to administrator access to restricted tables...
Apache Superset 安全漏洞
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset version 2.1.0 and prior versions have an authorization issue vulnerability that stems from incorrect authorization checks in SQLLab. An attacker can exploit the vulnerability to...
Apache Superset SQL注入漏洞
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset versions 1.5.2 and earlier and 2.0.0 have a SQL injection vulnerability that stems from a problem with the SQL Alchemy connector, which allows an authenticated user with read acce...
CVE-2022-42535
In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2247701...
Sql injection
In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2247701...
Sql injection
In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770203...
CVE-2022-42535
In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2247701...
PUB-A-224769956
In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2017-1150
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to view. IBM Reference : 1999515...
CVE-2016-8940
IBM Tivoli Storage Manager IBM Spectrum Protect 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these...