Lucene search
84 matches found

EUVD
Added 2026/05/27 1:55 p.m. | 3 views

EUVD-2026-32504

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

CVSS 6.8 | AI score 5.9 | EPSS 0.00036
Exploits: 1 | References: 1

ATTACKERKB
Added 2026/05/27 1:55 p.m. | 4 views

CVE-2026-9617

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

CVSS 6.8 | AI score 5.9 | EPSS 0.00036
Exploits: 1 | References: 2 | Affected Software: 1

RedHat Linux
Added 2026/04/08 5:15 a.m. | 3 views

kernel: Linux kernel: Device Mapper RAID out-of-bounds access

A flaw was found in the Linux kernel's device mapper dm RAID component. This vulnerability allows an attacker to cause an out-of-bounds memory access via loading a crafted dm-raid table. This may lead to a crash...

CVSS 7.1 | AI score 6.5 | EPSS 0.00006
Exploits: 0 | References: 5

OSV
Added 2026/04/03 1:27 p.m. | 1 view

JLSEC-2026-33

A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality...

CVSS 6.5 | AI score 6.9 | EPSS 0.00201
Exploits: 0 | References: 6

Vulnrichment
Added 2025/10/09 1:15 p.m. | 1 view

CVE-2025-62228 Apache Flink CDC: SQL injection via maliciously crafted identifiers

Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers, e.g. a crafted database name or crafted table name. Even though only the logged-in database user can trigger the attack, we recommend users update Flink CDC to version 3.5.0, which addresses this issue...

CVSS 5.1 | AI score 7.5 | EPSS 0.00037
Exploits: 0 | References: 1

Positive Technologies
Added 2025/10/09 12:0 a.m. | 2 views

PT-2025-41380

Name of the Vulnerable Software and Affected Versions: Apache Flink CDC version 3.4.0. Description: The software is susceptible to a SQL injection due to maliciously crafted identifiers, such as a crafted database name or table name. The attack can only be triggered by a logged-in database user...

CVSS 8.8 | AI score 7.4 | EPSS 0.00037
Exploits: 0 | References: 11

EUVD
Added 2025/10/07 12:30 a.m. | 1 view

EUVD-2014-9477

Malware in sbrugna...

CVSS 6.8 | AI score 7.6 | EPSS 0.01771
Exploits: 1 | References: 22

EUVD
Added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-46897

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.4 | EPSS 0.00136
Exploits: 0 | References: 2

EUVD
Added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-2329

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.7 | EPSS 0.01295
Exploits: 0 | References: 4

Tenable Nessus
Added 2025/08/27 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DoS attack in the replication status by using a specially crafted table name (CVE-2017-1000018). Note that Nessus...

CVSS 7.5 | AI score 7.4 | EPSS 0.01295
Exploits: 0 | References: 2

Veracode
Added 2025/08/21 11:7 a.m. | 1 view

SQL Injection

adodb/adodb-php is vulnerable to SQL Injection. The vulnerability is due to improper escaping of query parameters due to crafted table names being passed to the metaColumns, metaForeignKeys, or metaIndexes methods when connected to a sqlite3 database...

CVSS 10 | AI score 7.6 | EPSS 0.00395
Exploits: 0 | References: 6 | Affected Software: 1

OSV
Added 2025/08/05 1:15 a.m. | 0 views

UBUNTU-CVE-2025-54119

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database a...

CVSS 10 | AI score 6.2 | EPSS 0.00395
Exploits: 0 | References: 5

RedhatCVE
Added 2025/05/22 10:57 a.m. | 4 views

CVE-2017-9449

SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. The attacker creates a crafted table name at admin/developer/modules/views/create/ and the injection is visible ...

CVSS 8.8 | AI score 8.3 | EPSS 0.00344
Exploits: 0 | References: 1

GitHub Security Blog
Added 2025/01/23 6:31 a.m. | 15 views

phpMyAdmin XSS when checking tables

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...

CVSS 6.4 | AI score 5.9 | EPSS 0.00305
Exploits: 0 | References: 5 | Affected Software: 1

OSV
Added 2025/01/23 6:15 a.m. | 0 views

DEBIAN-CVE-2025-24530

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...

CVSS 6.4 | AI score 8.1 | EPSS 0.00305
Exploits: 0 | References: 1

AlpineLinux
Added 2025/01/23 6:15 a.m. | 3 views

CVE-2025-24530

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...

CVSS 6.4 | AI score 6.4 | EPSS 0.00305
Exploits: 0 | References: 2

OSV
Added 2025/01/23 6:15 a.m. | 1 view

UBUNTU-CVE-2025-24530

An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS...

CVSS 6.4 | AI score 5.7 | EPSS 0.00305
Exploits: 0 | References: 3

CVE
Added 2025/01/23 12:0 a.m. | 79 views

CVE-2025-24530

phpMyAdmin 5.x prior to 5.2.2 is affected by an XSS vulnerability in the check tables feature. A crafted table or database name could be used to trigger XSS. Mitigation: upgrade to 5.2.2 or newer as indicated by multiple advisories (e.g., Debian openSUSE/Security advisories).

CVSS 6.4 | AI score 6.2 | EPSS 0.00305
Exploits: 0 | References: 2

Prion
Added 2023/02/17 5:15 p.m. | 12 views

Information disclosure

IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to information disclosure due to improper privilege management when a specially crafted table access is used. IBM X-Force ID: 241671...

CVSS 5 | AI score 7.2 | EPSS 0.00136
Exploits: 0 | References: 2 | Affected Software: 1

SUSE CVE
Added 2023/02/15 6:2 a.m. | 1 view

SUSE CVE-2009-3696

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table...

CVSS 4.3 | AI score 5.9 | EPSS 0.03385
Exploits: 1 | References: 4