5 matches found
CVE-2024-38829
A flaw was found in Spring LDAP. The usage of String.toLowerCase and String.toUpperCase has some locale dependent exceptions that could result in unintended columns being queried...
CVE-2024-22856
A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit Portal = v.3.0 allows authenticated attackers to execute unintended queries and disclose sensitive information from DB tables via crafted requests...
CVE-2024-22856
A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit Portal = v.3.0 allows authenticated attackers to execute unintended queries and disclose sensitive information from DB tables via crafted requests...
PT-2024-19588 · Unknown · Axe Credit Portal
Name of the Vulnerable Software and Affected Versions: Axe Credit Portal versions 3.0 and later Description: The issue allows authenticated attackers to execute unintended queries and disclose sensitive information from database tables via crafted requests, specifically through the Save Favorite...
PT-2023-23160 · Samsung · Samsung Exynos Modem
Name of the Vulnerable Software and Affected Versions: Samsung Exynos Modem versions 5123 through 5300 Description: An issue was discovered in the Shannon RCS component. An incorrect default permission can cause unintended querying of RCS capability via a crafted application. Recommendations: For...