Lucene search
K

16 matches found

Redos
Redos
added 2026/04/29 12:0 a.m.7 views

ROS-20260429-73-0013

A vulnerability in the PostgreSQL database management system is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the context of the current user using specially crafted queries...

8.8CVSS6AI score0.01079EPSS
Exploits0
OSV
OSV
added 2025/01/10 10:15 p.m.5 views

CVE-2024-9188

Specially constructed queries cause cross platform scripting leaking administrator tokens...

8.8CVSS5.6AI score0.00465EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.10 views

PT-2025-3711

Name of the Vulnerable Software and Affected Versions Software affected versions not specified Description The issue involves specially constructed queries that cause cross-platform scripting, resulting in the leakage of administrator tokens. This allows for potential unauthorized access and...

8.8CVSS6.3AI score0.00465EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.6 views

PT-2025-2769

Name of the Vulnerable Software and Affected Versions: ETM affected versions not specified Description: Specially constructed queries targeting ETM could discover active remote access sessions. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

7.6CVSS6.3AI score0.00412EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/12/07 12:0 a.m.4 views

PT-2024-29556 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is a denial of service, where the server may crash under certain conditions with a specially crafted query. Recommendations:...

6.5CVSS9.4AI score0.00389EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/11 8:40 p.m.32 views

Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL.

Summary There are multiple vulnerabilities in IBM® Db2® 11.5 used by IBM® Db2® Big SQL 7 on IBM Cloud Pak for Data 4.7 and earlier. These issues were disclosed in an IBM® Db2® Security Bulletin in July 2023. Vulnerability Details CVEID:CVE-2023-30447 DESCRIPTION: IBM Db2 for Linux, UNIX and Windo...

8.8CVSS8.9AI score0.01628EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/31 11:6 p.m.36 views

Security Bulletin: Multiple Vulnerabilities in Db2 affect IBM Cloud Pak System.

Summary Multiple Vulnerabilities in Db2 affect Cloud Pak System. Vulnerability Details CVEID:CVE-2023-30447 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM...

8.8CVSS7.7AI score0.01628EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/15 12:0 a.m.8 views

The vulnerability of the IBM DB2 database management system arises from the improper assignment of permissions for critical resources. This allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the IBM DB2 database management system is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures by sending specially crafted...

5.1CVSS6.9AI score0.00328EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2021/03/03 7:48 p.m.19 views

CVE-2020-7929

A flaw was found in mongodb. A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for $regex. The highest threat from this vulnerability is to system availability...

6.5CVSS2.3AI score0.01289EPSS
Exploits0References4
Veracode
Veracode
added 2020/12/06 3:52 a.m.17 views

Denial Of Service (DoS)

MongoDB is vulnerable to denial of service attacks. A remote attacker with privileges to perform database queries may cause denial of service conditions by issuing specially crafted queries...

6.5CVSS4.7AI score0.01275EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2020/11/23 5:30 p.m.34 views

CVE-2018-20803

Removed by vendor...

6.5CVSS6.5AI score0.01269EPSS
Exploits0
OSV
OSV
added 2020/11/23 4:15 p.m.13 views

CVE-2019-2393

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior t...

6.5CVSS6.2AI score
Exploits0References1
Prion
Prion
added 2020/11/23 4:15 p.m.18 views

Input validation

A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $mod operator to overflow negative values. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.1; v4.2 versions prior to 4.2.9; v4.0 versions prio...

4CVSS6.4AI score0.01246EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23911/info MySQL is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted queries. An attacker can exploit this issue to crash the application, denying access to legitimate...

7.1AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2011/11/22 1:8 p.m.33 views

bind (important)

specially crafted DNS queries could crash the bind name server CVE-2011-4313...

5CVSS2.5AI score0.16747EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/03/18 12:0 a.m.31 views

GLSA-200703-15 : PostgreSQL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200703-15 PostgreSQL: Multiple vulnerabilities PostgreSQL does not correctly check the data types of the SQL function arguments under unspecified circumstances nor the format of the provided tables in the query planner. Impact : A...

8.5CVSS6AI score0.04693EPSS
Exploits0References3
Rows per page
Query Builder