Lucene search
K

348 matches found

Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54863

Name of the Vulnerable Software and Affected Versions Elasticsearch versions prior to 8.19.17 Elasticsearch versions prior to 9.3.6 Elasticsearch versions prior to 9.4.3 Description An authenticated user can trigger a denial of service by submitting a specially crafted query. This occurs due to...

6.5CVSS5.7AI score0.00309EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:44 p.m.9 views

CVE-2026-54350

Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body collection and, where the builder has published a PUBLIC write...

10CVSS5.8AI score0.00538EPSS
Exploits2References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2025-61029

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the sqlountry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS6AI score0.0035EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:11 p.m.7 views

CVE-2026-23513

FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, a query-construction flaw in client list endpoints allowed authenticated clients to bypass tenant scoping and retrieve other clients’ data. Details In ServiceTransaction::getSearchQuery and...

7.1CVSS5.9AI score0.00282EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/23 6:17 p.m.6 views

DEBIAN-CVE-2025-61029

An issue in the sqlountry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 5:16 p.m.7 views

CVE-2025-61025

An issue in the sslrqstget component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS0.0035EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 5:16 p.m.10 views

CVE-2025-61028

An issue in the timettodt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS0.00482EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 5:16 p.m.5 views

DEBIAN-CVE-2025-61020

An issue in the sqlostripinjoin component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 5:16 p.m.5 views

DEBIAN-CVE-2025-61028

An issue in the timettodt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.7 views

PT-2026-51544

Name of the Vulnerable Software and Affected Versions openlink virtuoso-opensource version 7.2.11 Description A flaw in the t set push component allows attackers to trigger a Denial of Service DoS by using specially crafted SQL statements. Recommendations At the moment, there is no information...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/23 12:0 a.m.8 views

CVE-2025-61028

An issue in the timettodt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

5.9AI score0.00482EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 12:0 a.m.3 views

CVE-2025-61028

An issue in the timettodt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

5.9AI score0.00482EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 12:0 a.m.5 views

CVE-2025-61024

CVE-2025-61024 concerns the openlink virtuoso-opensource product, specifically the sqlo_try_in_loop component in version 7.2.11. The issue allows an attacker to trigger a Denial of Service (DoS) by sending crafted SQL statements. The CVSSv3.1 metrics indicate a NETWORK attack vector, low attack c...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 12:0 a.m.33 views

CVE-2025-61029

An issue in the sqlountry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

0.0035EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/23 12:0 a.m.5 views

CVE-2025-61029

An issue in the sqlountry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS5.8AI score0.0035EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/10 5:57 a.m.14 views

CVE-2026-46718

A flaw was found in Apache Calcite when processing specially crafted queries. An authenticated user could trigger unintended application behavior through affected query-processing functionality. Exploitation requires access to the vulnerable feature and is limited to the application's operating...

6.5CVSS5.3AI score0.00436EPSS
Exploits0References5
Redos
Redos
added 2026/06/09 12:0 a.m.15 views

ROS-20260609-73-0008

The vulnerability of the SQL Expressions function on the Grafana monitoring and observation platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and gain unauthorized access to the platform by sending speciall...

9.1CVSS6.1AI score0.01929EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.10 views

CVE-2026-35194

Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions 1.15.0+ and LIKE...

8.1CVSS6.2AI score0.00381EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.11 views

IBM DB2 Multiple Vulnerabilities (7273554, 7273555, 7273556, 7273557, 7273558) (Unix)

According to its self-reported version number, IBM Db2 is affected by multiple vulnerabilities: - IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially sensitive information in log files that could be read by a local user. CVE-2025-13755 - IBM Db2 is vulnerable to a...

7.5CVSS5.8AI score0.00362EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.24 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain security vulnerabilities. These vulnerabilities arise from specially crafted queries when autonomous transactions are enabled, which may lead to denial-of-service...

7.1CVSS5.8AI score0.00362EPSS
Exploits0References1
Rows per page
Query Builder