CVE-2025-61027

An issue in the tsetpush component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2025-61018

An issue in the sqloplacedtset component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2025-61022

The vulnerability CVE-2025-61022 affects OpenLink Virtuoso Open-Source (v7.2.11) in the sqlo_tb_col_preds component. It allows an attacker to cause a Denial of Service via crafted SQL statements. Public references in the connected documents confirm the DoS impact, but there are no details about e...

Linux Distros Unpatched Vulnerability : CVE-2026-11822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory...

CVE-2026-11824

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...

EUVD-2026-35794

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

CVE-2026-11822

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

CVE-2026-11822 SQLite before 3.53.2 Memory Corruption in FTS5 Extension

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

CVE-2026-11822

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

PT-2026-48217

Name of the Vulnerable Software and Affected Versions SQLite versions prior to 3.53.2 Description Memory corruption issues exist in the FTS5 full-text search extension. An attacker can cause process crashes, memory exhaustion, or arbitrary code execution by providing a crafted database containing...

📄 SQLite 3.50.1 winsqlite3.dll Heap Overflow

This Metasploit local exploit module targets a heap overflow vulnerability in winsqlite3.dll in SQLite versions prior to 3.50.2 on Windows systems. It first attempts to detect the installed SQLite version, then generates a specially crafted database and SQL workload containing an excessive number...

CVE-2019-25515 Jettweb PHP Hazir Haber Sitesi Scripti V3 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

CVE-2026-23720

A vulnerability has been identified in Simcenter Femap All versions V2512, Simcenter Nastran All versions V2512. The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the...

CVE-2021-33688

SAP Business One allows an attacker with business privileges to execute crafted database queries, exposing the back-end database. Due to framework restrictions, only some information can be obtained...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

EUVD-2024-55108

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

PT-2025-48468

Name of the Vulnerable Software and Affected Versions Socomec Easy Config System version 2.6.1.0 Description An authentication bypass exists in the User profile management functionality. A crafted database record can allow unauthorized access. An attacker can modify a local database to trigger th...

CVE-2025-62228 Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC: SQL injection via maliciously crafted identifiers

Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, we recommend users update Flink CDC version to 3.5.0 which address this issue...