934 matches found
CVE-2022-24690
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. A PresAbs.php SQL Injection vulnerability allows unauthenticated users to taint database data and extract sensitive information via crafted HTTP requests. The type of SQL Injection is blind boolean based. An unauthenticated attacker...
CVE-2021-35487
Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...
CVE-2021-3116
before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or)...
CVE-2020-9434
openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values...
kernel: drm/amd/display: Increase array size of dummy_boolean
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummy_boolean [WHY] dml2_core_shared_mode_support and dml_core_mode_support access the third element of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when dummy_boolean has size of 2. Any assignment...
CVE-2025-3767 SQL Injection in Centreon BAM boolean KPI listing
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon BAM Boolean KPI Listing modules allows SQL Injection. This page is only accessible to authenticated users with high privileges. This issue affects Centreon BAM: from 24.10 before 24.10.1,...
PT-2025-7493 · Churchcrm · Churchcrm
Name of the Vulnerable Software and Affected Versions: ChurchCRM versions 5.13.0 and prior Description: A boolean-based blind SQL Injection vulnerability exists in the EditEventAttendees functionality, allowing an attacker to execute arbitrary SQL queries. The EID parameter is directly concatenat...
USN-7216-1 tqdm vulnerability
It was discovered that tqdm did not properly sanitize non-boolean CLI Arguments. A local attacker could possibly use this issue to execute arbitrary code on the host. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-34062...
CVE-2024-50584
An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by accessing the /class/templateio.php file and supplying malicious GET parameters. The "templates" parameter is vulnerable against blind boolean-based SQL injection attacks. SQL syntax must be injected into the...
PT-2024-34340 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions affected versions not specified Description: An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by accessing the "/class/template io.php" file and supplying malicious GET parameters. The...
SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3
This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin (bsc#1231332) - Other bugs fixed: Increase start timeout for cobblerd unit (bsc#1219450); Provide sync_single_system for DHCP modules to improve performance (bsc#1219450)...
PT-2024-7538
Name of the Vulnerable Software and Affected Versions ZoneMinder versions 1.37. through 1.37.64 Description The issue is related to a boolean-based SQL injection vulnerability in the web/ajax/event.php function of ZoneMinder. This vulnerability arises from a lack of input validation for the tagId...
ZoneMinder SQL Injection Vulnerability
ZoneMinder is an open source video surveillance software system from ZoneMinder Open Source. The system supports IP, USB, and analog cameras, among others. A SQL injection vulnerability exists in ZoneMinder 1.37.64 and previous versions 1.37.X. The vulnerability stems from web/ajax/event.php bein...
SUSE CVE-2024-49971
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummy_boolean [WHY] dml2_core_shared_mode_support and dml_core_mode_support access the third element of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when dummy_boolean has size of 2. Any assignment...
AZL-52053 CVE-2024-49971 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummy_boolean [WHY] dml2_core_shared_mode_support and dml_core_mode_support access the third element of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when dummy_boolean has size of 2. Any assignment...
DEBIAN-CVE-2024-49971
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummy_boolean [WHY] dml2_core_shared_mode_support and dml_core_mode_support access the third element of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when dummy_boolean has size of 2. Any assignment...
AZL-52122 CVE-2024-49971 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummy_boolean [WHY] dml2_core_shared_mode_support and dml_core_mode_support access the third element of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when dummy_boolean has size of 2. Any assignment...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds access to the dummy_boolean array in the drm/amd/display subsystem, which could cause the...
MAL-2024-9524 Malicious code in boolean-point-in-polygon (npm)
U.S. Dept Of Defense: SQL Injection
The application was found to have a blind SQL injection vulnerability in the 'filterevent' parameter. The vulnerability allowed an attacker to manipulate database queries and extract sensitive information from the database through time-based or boolean-based techniques, as the injection was blind...