6 matches found

SUSE CVE
added 2026/05/18 1:22 p.m., 8 views

SUSE CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

3.7 CVSS, 6.1 AI score, 0.00024 EPSS
Exploits 0, References 9

Vulnrichment
added 2026/03/20 12:13 a.m., 2 views

CVE-2026-32767 SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API

SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlyin...

9.8 CVSS, 6.1 AI score, 0.00035 EPSS
Exploits 1, References 4

BDU FSTEC
added 2024/01/11 12:0 a.m., 1 views

The vulnerability of the selectDeviceListBy method in the software for controlling power supply sources of Voltronic Power ViewPower allows a malicious actor to execute arbitrary SQL queries.

The vulnerability of the selectDeviceListBy method in the software for managing power sources of Voltronic Power ViewPower Pro is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...

10 CVSS, 8.1 AI score, 0.36387 EPSS
Exploits 0, References 5

BDU FSTEC
added 2020/10/27 12:0 a.m., 3 views

The vulnerability of the Clone function in the GLPI system, which handles requests, incidents, and inventory management of computer equipment, allows a hacker to execute arbitrary SQL commands.

The vulnerability of the Clone function in the GLPI system for requests, incidents, and inventory management is related to the improper neutralization of special elements used in SQL queries. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

7.5 CVSS, 7.5 AI score, 0.00341 EPSS
Exploits 0, References 4, Affected Software 1

RedHat Linux
added 2020/09/08 10:6 a.m., 3 views

postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution

A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function...

8.8 CVSS, 7.4 AI score, 0.00197 EPSS
Exploits 0, References 5

CNVD
added 2017/06/26 12:0 a.m., 4 views

Redgate SQL Monitor Arbitrary SQL Command Execution Vulnerability

Redgate SQL Monitor is a SQL Server monitor that monitors and analyzes database and task operations in real time and generates PDF documents. A security vulnerability exists in Redgate SQL Monitor, which can be exploited by a local attacker to submit a special request, gain access to Base Monitor...

10 CVSS, 7.7 AI score, 0.39987 EPSS
Exploits 4, References 1