Lucene search

18 matches found

ATTACKERKB
added 2026/05/07 4:9 a.m. · 2 views

CVE-2026-41640

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using...

CVSS 7.5 · AI score 6 · EPSS 0.04817
Exploits: 1 · References: 5 · Affected Software: 1
vulnersOsv
added 2026/05/01 11:24 a.m. · 5 views

ai.platon.pulsar:pulsar-persist (>=1.9.0 <=1.10.23), be.eliwan:eoddata-client (=1.0) +2293 more potentially affected by CVE-2026-42404 via org.apache.neethi:neethi (>=3.0.0 <=3.2.1)

org.apache.neethi:neethi MAVEN version =3.0.0, =1.9.0, =1.1.7, =1.1.9, =1.2.5, =3.00.4, =3.00.3, =4.00.10, =11.4-37, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.1.0.RELEASE and more Source cves: CVE-2026-42404 Source advisory: SNYK:JAVA-ORGAPACHENEETHI-16354029...

CVSS 7.2 · AI score 5.8 · EPSS 0.00045
Exploits: 0
OSV
added 2024/03/06 11:5 a.m. · 27 views

BIT-MARIADB-2021-46661

MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE)...

CVSS 5.5 · AI score 6.7 · EPSS 0.00041
Exploits: 1 · References: 7
NVD
added 2023/11/27 11:15 a.m. · 18 views

CVE-2023-40610

Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. Using the default examples database connection that allows access to both the examples schema and Apache Superset's metadata database, an attacker using a specially crafted CTE SQL stateme...

CVSS 8.8 · EPSS 0.00308
Exploits: 0 · References: 3
Positive Technologies
added 2023/11/27 12:0 a.m. · 3 views

PT-2023-27540 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions up to but excluding 2.1.2 Description: The issue is related to an improper authorization check, which could lead to possible privilege escalation. Using the default examples database connection, an attacker could acce...

CVSS 8.8 · AI score 7.6 · EPSS 0.00308
Exploits: 0 · References: 12
Openbugbounty
added 2023/09/18 6:51 a.m. · 9 views

cte-it.org Cross Site Scripting vulnerability OBB-3695044

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits: 0
Amazon
added 2023/05/31 12:0 a.m. · 48 views

Medium: mariadb

Issue Overview: get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. (CVE-2021-46657) MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. (CVE-2021-46659) MariaDB through...

CVSS 7.5 · AI score 7.3 · EPSS 0.00295
Exploits: 9
Tenable Nessus
added 2023/01/06 12:0 a.m. · 36 views

EulerOS Virtualization 3.0.2.6 : mariadb (EulerOS-SA-2023-1071)

According to the versions of the mariadb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expressio...

CVSS 5.5 · AI score 7.2 · EPSS 0.00065
Exploits: 7 · References: 8
vulnersOsv
added 2022/05/17 1:38 a.m. · 7 views

br.com.swconsultoria:java-cte (>=3.00.4 <=4.00.14), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +180 more potentially affected by CVE-2012-5785 via org.apache.axis2:axis2-transport-http (>=1.5 <=1.7.9)

org.apache.axis2:axis2-transport-http MAVEN version =1.5, =3.00.4, =3.00.3, =4.00.10, =0.5.9, =0.3, =0.1.10, =0.0.3, =1.0.1.RELEASE, =9.00.2110.07.220316, =1.0.0, =1.0.22, =0.0.1, =1.0.0 and more Source cves: CVE-2012-5785 Source advisory: OSV:GHSA-WWQ7-PXWC-P4RC...

CVSS 5.8 · AI score 7.2 · EPSS 0.00493
Exploits: 1
Tenable Nessus
added 2022/02/18 12:0 a.m. · 33 views

FreeBSD : MariaDB -- Multiple vulnerabilities (27bf9378-8ffd-11ec-8be6-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 27bf9378-8ffd-11ec-8be6-d4c9ef517024 advisory. - MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list...

CVSS 5.5 · AI score 7.3 · EPSS 0.00041
Exploits: 5 · References: 10
OpenVAS
added 2022/02/02 12:0 a.m. · 22 views

MariaDB DoS Vulnerability (MDEV-25766) - Windows

MariaDB is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

CVSS 5.5 · AI score 7.5 · EPSS 0.00041
Exploits: 1 · References: 2
OpenVAS
added 2022/02/02 12:0 a.m. · 23 views

MariaDB DoS Vulnerability (MDEV-25766) - Linux

MariaDB is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

CVSS 5.5 · AI score 7.5 · EPSS 0.00041
Exploits: 1 · References: 2
OSV
added 2022/02/01 2:15 a.m. · 1 views

DEBIAN-CVE-2021-46661

MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE)...

CVSS 5.5 · AI score 7.1 · EPSS 0.00041
Exploits: 1 · References: 1
AlpineLinux
added 2022/02/01 1:48 a.m. · 52 views

CVE-2021-46661

MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE)...

CVSS 5.5 · AI score 7 · EPSS 0.00041
Exploits: 1
Cvelist
added 2022/02/01 1:48 a.m. · 16 views

CVE-2021-46661

MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE)...

AI score 6.9 · EPSS 0.00041
Exploits: 1 · References: 6
CVE
added 2022/02/01 1:48 a.m. · 216 views

CVE-2021-46661

CVE-2021-46661 affects MariaDB up to 10.5.9. The vulnerability is an application crash caused by an unused common table expression (CTE) in find_field_in_tables and find_order_in_list. Consequence: local crash (potential DoS) when processing queries using that code path. Connected advisories conf...

CVSS 5.5 · AI score 6.3 · EPSS 0.00041
Exploits: 1 · References: 6 · Affected Software: 1
vulnersOsv
added 2021/08/13 3:22 p.m. · 3 views

br.com.swconsultoria:java-cte (>=3.00.4 <=3.00.8), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +1215 more potentially affected by CVE-2020-15522 via org.bouncycastle:bcprov-jdk16 (>=1.38 <=1.46)

org.bouncycastle:bcprov-jdk16 MAVEN version =1.38, =3.00.4, =3.00.3, =4.00.10, =1.0, =2.0, =1.2.4, =2.0.0, =2.1, =2.1, =2.10.0, =2.10.0, =2.11.0 and more Source cves: CVE-2020-15522 Source advisory: OSV:GHSA-6XX3-RG99-GC3P...

CVSS 5.9 · AI score 6.7 · EPSS 0.00414
Exploits: 0
vulnersOsv
added 2021/04/22 4:16 p.m. · 3 views

br.com.swconsultoria:java-cte (>=3.00.4 <=3.00.8), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +1215 more potentially affected by CVE-2020-26939 via org.bouncycastle:bcprov-jdk16 (>=1.38 <=1.46)

org.bouncycastle:bcprov-jdk16 MAVEN version =1.38, =3.00.4, =3.00.3, =4.00.10, =1.0, =2.0, =1.2.4, =2.0.0, =2.1, =2.1, =2.10.0, =2.10.0, =2.11.0 and more Source cves: CVE-2020-26939 Source advisory: OSV:GHSA-72M5-FVVV-55M6...

CVSS 5.3 · AI score 6.7 · EPSS 0.02437
Exploits: 0