1174 matches found
CVE-2023-31616
An issue in the bifmod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2023-31628
CVE-2023-31628 affects Virtuoso Open-Source Edition, specifically the stricmp component in version 7.2.9. The vulnerability arises from an issue in the stricmp code path that can be triggered by crafted SQL statements, leading to a Denial of Service (DoS). The connected OSV entries corroborate th...
CVE-2023-31630
An issue in the sqloqueryspec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2023-31607
CVE-2023-31607 affects Virtuoso Open-Source Edition (virtuoso-opensource) v7.2.9, with the issue in the __libc_malloc component allowing Denial of Service via crafted SQL statements. The OSV/Nessus/Red Hat/Amazon Linux advisories confirm this vulnerability and list affected packages; some documen...
CVE-2023-31623
An issue in the mpboxcopy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2023-31613
An issue in the nssdatabaselookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2023-31616
An issue in the bifmod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2023-31620
An issue in the dvcompare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2023-31626
An issue in the gpfnotice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2023-31608
An issue in the artmdivint component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2023-31433
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter...
Sql injection
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter...
CVE-2023-31433
CVE-2023-31433: A SQL injection in evasys Logbuch allows an authenticated attacker to execute arbitrary SQL via the welche parameter. Affected: evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401. Root cause is unsafely constructed SQL statements in the Logbuch component. Impact: high conf...
CVE-2023-31433
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter...
Campcodes Online Traffic Offense Management System SQL Injection Vulnerability (CNVD-2023-29406)
Campcodes Online Traffic Offense Management System is a web-based traffic offense management system. A SQL injection vulnerability exists in Campcodes Online Traffic Offense Management System v1.0. The vulnerability stems from the lack of validation of external input SQL statements in the paramet...
PT-2023-9528 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the stricmp component of openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS via crafted SQL statements. This is due to the incorrect neutralizati...
PT-2023-9519 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the libc longjmp component of the openlink virtuoso-opensource platform is related to the improper neutralization of special elements used in SQL commands. Exploitation of...
PT-2023-9525 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the sqlc union dt wrap component of openlink virtuoso-opensource, which is associated with the improper neutralization of special elements used in SQL commands...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29388)
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter category of...
IBM Security Guardium SQL Injection Vulnerability (CNVD-2023-20081)
IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management, and streamlined audit process construction.IBM Security Guardium Key Lifecycle Manager is vulnerab...