1417 matches found
CVE-2024-23815
A vulnerability has been identified in Desigo CC All versions if access from Installed Clients to Desigo CC server is allowed from networks outside of a highly protected zone, Desigo CC All versions if access from Installed Clients to Desigo CC server is only allowed within highly protected zones...
CVE-2025-46614
In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Information into a Log File...
CVE-2025-46614
The CVE-2025-46614 issue affects the Snowflake ODBC Driver prior to 3.7.0, where certain code paths log the entire SQL query at INFO level, enabling potential exposure of sensitive information. This vulnerability has a low base score (CVSS 3.1: 3.3) with LOCAL, LOW impact on confidentiality and n...
CVE-2025-46614
In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Information into a Log File...
Exploit for CVE-2024-42327
🛡️ Zabbix 7.0.0 SQL Injection Exploit Script A Python script...
SAP NetWeaver AS ABAP Authorization Bypass (3565944)
The remote SAP NetWeaver ABAP server may be affected by an authorization bypass vulnerability. Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform Application Server ABAP, an authenticated attacker with high privileges could execute certain forms of SQL queries...
CVE-2025-30015
Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform Application Server ABAP, an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable. This vulnerability has a low impact...
CVE-2025-30015 Memory Corruption vulnerability in SAP NetWeaver and ABAP Platform (Application Server ABAP)
Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform Application Server ABAP, an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable. This vulnerability has a low impact...
ROS-20250403-03
Vulnerability of SQLite hints and ETRN serialization functions of Exim mail server is related to failure to take measures to protect SQL query structure. SQL query structure protection. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sendi...
DB-GPT Arbitrary File Write vulnerability
In eosphoros-ai/db-gpt version v0.6.3 and earlier, the web API POST /api/v1/editor/chart/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim...
ROS-20250311-06
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-07
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-02
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-04
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-03
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
ROS-20250311-08
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
CVE-2025-1768
CVE-2025-1768 affects the SEO Plugin by Squirrly SEO for WordPress. The vulnerability is a blind SQL Injection in the plugin’s search parameter, exploitable on all versions up to 12.4.05 due to insufficient escaping of user input and inadequate preparation of the SQL query. With Subscriber-level ...
DIAEnergie 1.10 SQL Injection
DIAEnergie version 1.10 proof of concept remote SQL injection exploit. ============================================================================================================================================= | Title : DIAEnergie 1.10 PHP Code Injection Vulnerability | | Author : indoushka | ...
Amazon Linux 2 : php, --advisory ALAS2PHP8.2-2025-006 (ALASPHP8.2-2025-006)
The version of php installed on the remote host is prior to 8.2.27-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.2-2025-006 advisory. The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system,...
CVE-2022-34871
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of poller resources. The issue results from the lack of proper validation of a...