Lucene search
K

538 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.20 views

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data...

8.8CVSS8.2AI score0.02288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.6 views

PT-2026-3755

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the sch qfq module related to how it handles deactivation of inactive aggregates during a reset operation. Specifically, a NULL dereference can occur ...

5.5CVSS6.1AI score0.00118EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.3 views

EulerOS 2.0 SP9 : sqlite (EulerOS-SA-2026-1011)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. Thi...

7.7CVSS7.1AI score0.73495EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2026/01/06 1:46 p.m.4 views

mariadb: MariaDB Server Crash Due to Empty Backtrace Log

A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...

4.9CVSS5.7AI score0.00432EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/05 6:7 p.m.3 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.2AI score0.73495EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/01/05 6:1 p.m.6 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.2AI score0.73495EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/01/05 5:40 p.m.4 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.2AI score0.73495EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/01/05 12:51 a.m.8 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

7.7CVSS7.2AI score0.73495EPSS
Exploits3References6
RedhatCVE
RedhatCVE
added 2026/01/03 6:5 p.m.12 views

CVE-2025-15439

A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...

6.5CVSS7.1AI score0.00237EPSS
Exploits0References1
Snyk
Snyk
added 2026/01/02 5:45 p.m.4 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection in the DataStats function, which passes user input directly to goqu.L for execution on the database without escaping. An attacker can execute SQL by supplying malicious input to the column, group, or order parameters of th...

6.5CVSS7.2AI score0.00237EPSS
Exploits0References2
NVD
NVD
added 2026/01/02 5:15 p.m.7 views

CVE-2025-15439

A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...

6.5CVSS0.00237EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/02 5:2 p.m.27 views

CVE-2025-15439 Daptin Aggregate API resource_aggregate.go goqu.L sql injection

A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...

6.5CVSS0.00237EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/01/02 5:2 p.m.5 views

CVE-2025-15439 Daptin Aggregate API resource_aggregate.go goqu.L sql injection

A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...

6.5CVSS6.7AI score0.00237EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/02 5:2 p.m.5 views

EUVD-2026-0654

A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resourceaggregate.go of the component Aggregate API. The manipulation of the argument column/group/order leads to sql injection. The attack may be initiated remotely...

6.5CVSS6.5AI score0.00237EPSS
Exploits0References6
CVE
CVE
added 2026/01/02 5:2 p.m.9 views

CVE-2025-15439

The CVE-2025-15439 entry concerns Daptin 0.10.3 where the goqu.L call in server/resource/resource_aggregate.go (Aggregate API) is vulnerable to SQL injection via manipulated arguments column/group/order. The issue is exploitable remotely and publicly demonstrated; multiple sources (NVD, Red Hat, ...

6.5CVSS6.7AI score0.00237EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/02 12:0 a.m.4 views

daptin SQL注入漏洞

daptin is a content management system from Daptin open source. A SQL injection vulnerability exists in daptin version 0.10.3, which stems from incorrect manipulation of the parameters column/group/order within the file server/resource/resourceaggregate.go in the component Aggregate API, which can...

6.5CVSS6.9AI score0.00237EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/02 12:0 a.m.6 views

PT-2026-1108

Name of the Vulnerable Software and Affected Versions Daptin version 0.10.3 Description A flaw exists in Daptin version 0.10.3 within the Aggregate API component. Specifically, the goqu.L function in the server/resource/resource aggregate.go file is susceptible to SQL injection. The issue arises...

6.5CVSS7AI score0.00237EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2025/11/27 1:1 a.m.6 views

drm/meson: remove drm bridges at aggregate driver unbind time

...

7.8CVSS7AI score0.00147EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50560

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/meson: explicitly remove aggregate driver at module unload time Because componentmasterdel wasn't being called when unloading the mesondrm module, the...

6.2AI score0.00195EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/11/18 9:2 a.m.11 views

kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

4.7CVSS5.7AI score0.00115EPSS
Exploits0References5
Rows per page
Query Builder