241 matches found
EUVD-2023-38002
Malicious code in bioql PyPI...
EUVD-2024-38570
Malicious code in bioql PyPI...
EUVD-2024-35564
Malicious code in bioql PyPI...
EUVD-2023-55121
Malicious code in bioql PyPI...
EUVD-2023-29727
Malicious code in bioql PyPI...
SuiteCRM SQL注入漏洞
SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM suffers from a SQL injection vulnerability that stems from the InboundEmail module allowing arbitrary queries to be executed in the back-end database, which could lead to SQL injection...
WeGIA SQL Injection Vulnerability (CNVD-2025-17301)
WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that can be exploited by an attacker to view, add, modify, or delete information in the back-end database...
Esri ArcGIS Server SQL注入漏洞
Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. Esri ArcGIS Server suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker could use this...
CVE-2022-41731
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 237402...
CVE-2023-50316
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
CVE-2024-35148
IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
CVE-2024-35148 IBM Maximo Application Suite SQL injection
IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
IBM Engineering Lifecycle Optimization Publishing SQL Injection Vulnerability
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is IBM's software for engineering lifecycle management optimization. A SQL injection vulnerability exists in IBM Engineering Lifecycle Optimization - Publishing. A remote attacker could exploit this vulnerability by sending...
CVE-2024-41767
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
CVE-2024-41767
CVE-2024-41767 affects IBM Engineering Lifecycle Optimization - Publishing versions 7.0.2 and 7.0.3. The issue is a SQL injection in the component that constructs SQL commands from externally-controlled input, enabling a remote attacker to view, add, modify, or delete records in the back-end data...
CVE-2024-52360
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
CVE-2024-52360 IBM Concert Software SQL injection
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
Security Bulletin: A vulnerability in Npgsql affects IBM Robotic Process Automation and may result in incorrect back end database access (CVE-2024-32655)
Summary A vulnerability in Npgsql affects IBM Robotic Process Automation and may result in incorrect back end database access. Ngpsql is used by IBM Robotic Process Automation for database access. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability...
CVE-2024-40689
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. IBM X-Force ID: 297719...
IBM InfoSphere Information Server SQL注入漏洞
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server version 11.7 suffers from a SQL injection vulnerability that...