115 matches found
CVE-2025-62228 Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC: SQL injection via maliciously crafted identifiers
Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, we recommend users update Flink CDC version to 3.5.0 which address this issue...
PT-2025-41380
Name of the Vulnerable Software and Affected Versions Apache Flink CDC version 3.4.0 Description The software is susceptible to a SQL injection due to maliciously crafted identifiers, such as a crafted database name or table name. The attack can only be triggered by a logged-in database user...
EUVD-2014-8513
Malware in sbrugna...
EUVD-2019-7987
Malware in sbrugna...
EUVD-2019-7988
Malware in sbrugna...
EUVD-2022-5456
Malicious code in bioql PyPI...
EUVD-2022-3684
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-24530
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...
CVE-2025-24530
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...
UBUNTU-CVE-2025-24530
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...
DEBIAN-CVE-2024-57663
An issue in the sqlgplacedpipes component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
The vulnerability of the ThinServer component of the Rockwell Automation ThinManager application management platform allows a attacker to execute arbitrary code.
The vulnerability of the ThinServer component of Rockwell Automation’s centralized application management platform, ThinManager, relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted SQL query...
libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c
An improper initialization issue was found in libmaxminddb. A remote user could exploit this flaw by sending a specially crafted MaxMind DB file that, when parsed by an application linked to libmaxminddb, would possibly crash the application, resulting in a denial of service condition...
libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c
An improper initialization issue was found in libmaxminddb. A remote user could exploit this flaw by sending a specially crafted MaxMind DB file that, when parsed by an application linked to libmaxminddb, would possibly crash the application, resulting in a denial of service condition...
The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment arises from the use of a field in the ITIL form for submitting requests, which allows an attacker to obtain the administrator’s account information.
The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment lies in the use of a input field for ITIL entities in the request form. Exploiting this vulnerability could allow a malicious actor to gain access to the administrator’s account by sending a...
UBUNTU-CVE-2023-30259
A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file...
PT-2023-22609 · Librecad +2 · Importshp +3
Name of the Vulnerable Software and Affected Versions: LibreCAD version 2.2.0 Description: A Buffer Overflow issue in the importshp plugin allows attackers to obtain sensitive information via a crafted DBF file. Recommendations: For LibreCAD version 2.2.0, at the moment, there is no information...
SUSE CVE-2007-4575
HSQLDB before 1.8.0.9, as used in OpenOffice.org OOo 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."...
SUSE CVE-2012-1190
Cross-site scripting XSS vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name...
SUSE CVE-2016-5703
SQL injection vulnerability in libraries/centralcolumns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query...