538 matches found
CVE-2023-49330
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data...
PT-2026-3755
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the sch qfq module related to how it handles deactivation of inactive aggregates during a reset operation. Specifically, a NULL dereference can occur ...
EulerOS 2.0 SP9 : sqlite (EulerOS-SA-2026-1011)
According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. Thi...
mariadb: MariaDB Server Crash Due to Empty Backtrace Log
A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...
sqlite: Integer Truncation in SQLite
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...
sqlite: Integer Truncation in SQLite
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...
sqlite: Integer Truncation in SQLite
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...
sqlite: Integer Truncation in SQLite
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...
CVE-2025-15439
A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection in the DataStats function, which passes user input directly to goqu.L for execution on the database without escaping. An attacker can execute SQL by supplying malicious input to the column, group, or order parameters of th...
CVE-2025-15439
A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...
CVE-2025-15439 Daptin Aggregate API resource_aggregate.go goqu.L sql injection
A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...
CVE-2025-15439 Daptin Aggregate API resource_aggregate.go goqu.L sql injection
A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...
EUVD-2026-0654
A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...
CVE-2025-15439
The CVE-2025-15439 entry concerns Daptin 0.10.3 where the goqu.L call in server/resource/resource_aggregate.go (Aggregate API) is vulnerable to SQL injection via manipulated arguments column/group/order. The issue is exploitable remotely and publicly demonstrated; multiple sources (NVD, Red Hat, ...
daptin SQL注入漏洞
daptin is a content management system from Daptin open source. A SQL injection vulnerability exists in daptin version 0.10.3, which stems from incorrect manipulation of the parameters column/group/order within the file server/resource/resourceaggregate.go in the component Aggregate API, which can...
PT-2026-1108
Name of the Vulnerable Software and Affected Versions Daptin version 0.10.3 Description A flaw exists in Daptin version 0.10.3 within the Aggregate API component. Specifically, the goqu.L function in the server/resource/resource aggregate.go file is susceptible to SQL injection. The issue arises...
drm/meson: remove drm bridges at aggregate driver unbind time
...
Linux Distros Unpatched Vulnerability : CVE-2022-50560
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/meson: explicitly remove aggregate driver at module unload time Because componentmasterdel wasn't being called when unloading the mesondrm module, the...
kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...