SUSE CVE-2017-2518

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial o...

SUSE CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

SUSE CVE-2022-27380

An issue in the component mydecimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...

SUSE CVE-2022-27383

MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component mystrcasecmp8bit, which is exploited via specially crafted SQL statements...

SUSE CVE-2022-27385

An issue in the component Usedtablesandconstcache::usedtablesandconstcachejoin of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service DoS via specially crafted SQL statements...

SUSE CVE-2022-27387

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimalbinsize, which is exploited via specially crafted SQL statements...

phpMyAdmin 跨站脚本漏洞

phpMyAdmin is a free, web-based MySQL database management tool from the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin versions prior...

Cisco Unified Communications Manager SQLi (cisco-sa-cucm-sql-rpPczR8n)

The version of Cisco Unified Communications installed on the remote host is prior to tested version. It is, therefore, affected by an SQL injection vulnerability in the web-based management interface as referenced in the cisco-sa-cucm-sql-rpPczR8n advisory. An attacker authenticated as a...

Cisco Unified Communications Manager SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This...

CVE-2022-22338

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510...

The vulnerability of the Item_subselect::init_expr_cache_tracker component in the MariaDB database allows a hacker to trigger a service failure.

The vulnerability of the Itemsubselect::initexprcachetracker component in the MariaDB database system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a specially crafted SQL...

The vulnerability of the Create_tmp_table::finalize component of the MariaDB database, which allows a hacker to trigger a service failure.

The vulnerability of the Createtmptable::finalize component in the MariaDB database lies in the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to trigger service failures through a specially crafted SQL query...

mariadb: server crash in create_tmp_table::finalize

A flaw was found in MariaDB. The component, Createtmptable::finalize, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...

mariadb: assertion failure in Item_args::walk_arg

A use-after-free flaw was found in Maria DB. The MariaDB Server contains a use-after-free in the component, Itemargs::walkarg, which is exploited via specially crafted SQL statements, affecting availability...

mariadb: assertion failures in decimal_bin_size

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...

mariadb: assertion failure in Item_args::walk_arg

A use-after-free flaw was found in Maria DB. The MariaDB Server contains a use-after-free in the component, Itemargs::walkarg, which is exploited via specially crafted SQL statements, affecting availability...

mariadb: assertion failures in decimal_bin_size

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...

CVE-2022-22389

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740...

CVE-2019-4575

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM...

Sql injection

IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM...