Lucene search
K

41 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: hibernate (UTSA-2026-016690)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016690 advisory. A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit...

6.5CVSS6.8AI score0.02126EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libhibernate3-java

A flaw was discovered in Hibernate-core in versions prior to and including 5.4.23.Final. An SQL injection occurs in the implementation of the JPA Criteria API; this allows unsanitized literals to be used in SQL comments within queries. This flaw could enable attackers to access unauthorized...

7.4CVSS7.1AI score0.02907EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1070

Malicious code in bioql PyPI...

7.4CVSS7.5AI score0.02907EPSS
Exploits0References34
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-0917

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.02126EPSS
Exploits0References26
RedHat Linux
RedHat Linux
added 2025/06/25 12:21 a.m.3 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.5 views

SUSE CVE-2019-14900

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access...

6.5CVSS7.6AI score0.02126EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:53 a.m.6 views

SUSE CVE-2020-25638

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.6AI score0.02907EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/02/10 11:5 p.m.81 views

SQL Injection in Hibernate ORM

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access...

6.5CVSS4.7AI score0.02126EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/02/10 11:5 p.m.34 views

GHSA-8GRG-Q944-CCH5 SQL Injection in Hibernate ORM

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access...

6.5CVSS8.1AI score0.02126EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/02/09 10:57 p.m.248 views

SQL injection in hibernate-core

A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an...

7.4CVSS8AI score0.02907EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2022/02/09 10:57 p.m.32 views

GHSA-J8JW-G6FQ-MP7H SQL injection in hibernate-core

A flaw was found in hibernate-core in versions prior to 5.3.20.Final and in 5.4.0.Final up to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an...

7.4CVSS7.7AI score0.02907EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2021/08/11 6:21 p.m.5 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/06/29 8:54 a.m.4 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/02/17 1:40 p.m.5 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/02/17 12:7 p.m.6 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/02/02 10:25 a.m.7 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/01/07 11:49 a.m.6 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/03 7:13 p.m.5 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
OSV
OSV
added 2020/12/02 3:15 p.m.21 views

CVE-2020-25638

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score
Exploits0References8
OSV
OSV
added 2020/12/02 3:15 p.m.3 views

DEBIAN-CVE-2020-25638

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.7AI score0.02907EPSS
Exploits0References1
Rows per page
Query Builder