Lucene search
K

115 matches found

Vulnrichment
Vulnrichment
added 2025/10/09 1:15 p.m.3 views

CVE-2025-62228 Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC: SQL injection via maliciously crafted identifiers

Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, we recommend users update Flink CDC version to 3.5.0 which address this issue...

5.1CVSS7.5AI score0.00424EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.5 views

PT-2025-41380

Name of the Vulnerable Software and Affected Versions Apache Flink CDC version 3.4.0 Description The software is susceptible to a SQL injection due to maliciously crafted identifiers, such as a crafted database name or table name. The attack can only be triggered by a logged-in database user...

8.8CVSS7.4AI score0.00424EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-8513

Malware in sbrugna...

5.3CVSS6.3AI score0.03488EPSS
Exploits5References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.17 views

EUVD-2019-7987

Malware in sbrugna...

9.8CVSS8.9AI score0.03672EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2019-7988

Malware in sbrugna...

9.8CVSS8.9AI score0.03672EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2022-5456

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.01818EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-3684

Malicious code in bioql PyPI...

8CVSS8.7AI score0.02115EPSS
Exploits0References18
OSV
OSV
added 2025/01/23 6:15 a.m.0 views

DEBIAN-CVE-2025-24530

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...

6.4CVSS8.1AI score0.00403EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/01/23 6:15 a.m.4 views

CVE-2025-24530

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...

6.4CVSS6.4AI score0.00403EPSS
Exploits0References2
OSV
OSV
added 2025/01/23 6:15 a.m.5 views

UBUNTU-CVE-2025-24530

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...

6.4CVSS5.7AI score0.00403EPSS
Exploits0References3
OSV
OSV
added 2025/01/14 1:15 a.m.2 views

DEBIAN-CVE-2024-57663

An issue in the sqlgplacedpipes component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS7.5AI score0.00662EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/06/27 12:0 a.m.6 views

The vulnerability of the ThinServer component of the Rockwell Automation ThinManager application management platform allows a attacker to execute arbitrary code.

The vulnerability of the ThinServer component of Rockwell Automation’s centralized application management platform, ThinManager, relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted SQL query...

10CVSS6.1AI score0.02393EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2024/02/08 6:10 p.m.6 views

libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c

An improper initialization issue was found in libmaxminddb. A remote user could exploit this flaw by sending a specially crafted MaxMind DB file that, when parsed by an application linked to libmaxminddb, would possibly crash the application, resulting in a denial of service condition...

6.5CVSS6.7AI score0.02133EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/02/08 6:8 p.m.4 views

libmaxminddb: improper initialization in dump_entry_data_list() in maxminddb.c

An improper initialization issue was found in libmaxminddb. A remote user could exploit this flaw by sending a specially crafted MaxMind DB file that, when parsed by an application linked to libmaxminddb, would possibly crash the application, resulting in a denial of service condition...

6.5CVSS6.7AI score0.02133EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2023/11/15 12:0 a.m.6 views

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment arises from the use of a field in the ITIL form for submitting requests, which allows an attacker to obtain the administrator’s account information.

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment lies in the use of a input field for ITIL entities in the request form. Exploiting this vulnerability could allow a malicious actor to gain access to the administrator’s account by sending a...

10CVSS7.8AI score0.00899EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2023/06/28 2:15 p.m.4 views

UBUNTU-CVE-2023-30259

A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file...

5.5CVSS7.3AI score0.00318EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/06/28 12:0 a.m.3 views

PT-2023-22609 · Librecad +2 · Importshp +3

Name of the Vulnerable Software and Affected Versions: LibreCAD version 2.2.0 Description: A Buffer Overflow issue in the importshp plugin allows attackers to obtain sensitive information via a crafted DBF file. Recommendations: For LibreCAD version 2.2.0, at the moment, there is no information...

5.5CVSS6.7AI score0.009EPSS
Exploits2References16
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.7 views

SUSE CVE-2007-4575

HSQLDB before 1.8.0.9, as used in OpenOffice.org OOo 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."...

9.3CVSS7.8AI score0.14347EPSS
Exploits3References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.6 views

SUSE CVE-2012-1190

Cross-site scripting XSS vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name...

4.3CVSS5.6AI score0.02234EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.2 views

SUSE CVE-2016-5703

SQL injection vulnerability in libraries/centralcolumns.lib.php in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allows remote attackers to execute arbitrary SQL commands via a crafted database name that is mishandled in a central column query...

9.8CVSS8.7AI score0.02323EPSS
Exploits0References3
Rows per page
Query Builder