CVE-2023-31625

An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

PT-2023-23403 · Openlink +1 · Openlink Virtuoso-Opensource +1

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the kc var col component allows attackers to cause a Denial of Service DoS via crafted SQL statements. Recommendations: For openlink virtuoso-opensource version 7.2.9,...

CVE-2023-31608

An issue in the artmdivint component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2023-31620

An issue in the dvcompare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2023-31616

An issue in the bifmod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2023-31626

An issue in the gpfnotice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

PT-2023-9528 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the stricmp component of openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS via crafted SQL statements. This is due to the incorrect neutralizati...

PT-2023-9519 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the libc longjmp component of the openlink virtuoso-opensource platform is related to the improper neutralization of special elements used in SQL commands. Exploitation of...

PT-2023-9525 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the sqlc union dt wrap component of openlink virtuoso-opensource, which is associated with the improper neutralization of special elements used in SQL commands...

PT-2023-9509 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue in the gpf notice component of openlink virtuoso-opensource is related to the improper neutralization of special elements used in SQL commands, which can be exploited by...

CVE-2023-25684

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 247597...

Sql injection

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 247597...

SUSE CVE-2017-2518

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...

SUSE CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

SUSE CVE-2022-27380

An issue in the component mydecimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...

SUSE CVE-2022-27383

MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component mystrcasecmp8bit, which is exploited via specially crafted SQL statements...

SUSE CVE-2022-27385

An issue in the component Usedtablesandconstcache::usedtablesandconstcachejoin of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...

SUSE CVE-2022-27387

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimalbinsize, which is exploited via specially crafted SQL statements...

phpMyAdmin 跨站脚本漏洞

phpMyAdmin is a free, web-based MySQL database management tool from the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin versions prior...

Cisco Unified Communications Manager SQLi (cisco-sa-cucm-sql-rpPczR8n)

The version of Cisco Unified Communications installed on the remote host is prior to tested version. It is, therefore, affected by an SQL injection vulnerability in the web-based management interface as referenced in the cisco-sa-cucm-sql-rpPczR8n advisory. An attacker authenticated as a...