CVE-2025-40886

A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SQL statements on the DBMS used by the web application, potentially exposing unauthorized data, altering...

CVE-2025-40886

A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SQL statements on the DBMS used by the web application, potentially exposing unauthorized data, altering...

CVE-2025-40887

CVE-2025-40887 describes a SQL Injection in the Alert functionality of Nozomi Guardians/CMC. The issue arises from improper validation of an input parameter, enabling an authenticated user with limited privileges to run arbitrary SELECT SQL statements against the backend DBMS, potentially exposin...

EUVD-2025-32873

A SQL Injection vulnerability was discovered in the Alert functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SQL statements on the DBMS used by the web application, potentially exposing unauthorized data, altering...

PT-2025-40989

Name of the Vulnerable Software and Affected Versions Alert functionality affected versions not specified Description A SQL Injection issue exists due to inadequate input validation. An authenticated user with limited privileges can execute arbitrary SQL statements, potentially leading to...

CVE-2012-4684

The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service resource consumption via a valid modified signature for a...

CVE-2018-10695

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides alert functionality so that an administrator can send emails to his/her account when there are changes to the device's network. However, the same functionality allows an attacker to execute commands on the device. The POST...

Splunk Enterprise SSRF Vulnerability (SP-CAAAPSR)

Splunk Enterprise is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2012-4684

CVE-2012-4684 affects Bitcoin Core (bitcoind/Bitcoin-Qt) prior to 0.7.0. The alert functionality accepts different character representations of the same signature data but relies on a hash of the signature, enabling a remote attacker to trigger a denial-of-service (resource consumption) by sendin...