Cisco Unified Communications Manager SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This...

CVE-2022-22338

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510...

mariadb: server crash in create_tmp_table::finalize

A flaw was found in MariaDB. The component, Createtmptable::finalize, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...

mariadb: assertion failure in Item_args::walk_arg

A use-after-free flaw was found in Maria DB. The MariaDB Server contains a use-after-free in the component, Itemargs::walkarg, which is exploited via specially crafted SQL statements, affecting availability...

mariadb: assertion failures in decimal_bin_size

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...

mariadb: assertion failures in decimal_bin_size

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...

mariadb: assertion failure in Item_args::walk_arg

A use-after-free flaw was found in Maria DB. The MariaDB Server contains a use-after-free in the component, Itemargs::walkarg, which is exploited via specially crafted SQL statements, affecting availability...

CVE-2022-22389

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740...

CVE-2019-4575

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM...

Sql injection

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM...

Sql injection

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...

CVE-2022-31768

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...

Denial Of Service (DoS)

mariaDB is vulnerable to denial of service. The vulnerability exists due to an issue in the component Usedtablesandconstcache::usedtablesandconstcachejoin allowing an attackers to crash the system via specially crafted SQL statements...

CVE-2022-22495

IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 226941...

mariadb: crash in Used_tables_and_const_cache::used_tables_and_const_cache_join

A flaw was found in MariaDB. An issue in the component, Usedtablesandconstcache::usedtablesandconstcachejoin, of the MariaDB Server v10.7 allows attackers to cause a denial of service DoS via specially crafted SQL statements, impacting availability...

CVE-2022-29603

A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. A remote authenticated attacker could send crafted SQL statements to a vulnerable endpoint such as /api/students/me/messages/ to, for example, retrieve personal...

Sql injection

A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. A remote authenticated attacker could send crafted SQL statements to a vulnerable endpoint such as /api/students/me/messages/ to, for example, retrieve personal...

CVE-2022-29603

A SQL Injection vulnerability exists in UniverSIS UniverSIS-API through 1.2.1 via the $select parameter to multiple API endpoints. A remote authenticated attacker could send crafted SQL statements to a vulnerable endpoint such as /api/students/me/messages/ to, for example, retrieve personal...

CVE-2022-27377

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Itemfuncin::cleanup, which is exploited via specially crafted SQL statements...

DEBIAN-CVE-2022-27378

An issue in the component Createtmptable::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...