Lucene search
+L

3 matches found

OSV
OSV
added 2024/07/08 2:20 p.m.19 views

GHSA-FG4Q-CCQ8-3R5Q NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities

Impact A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes: - Mappings using inheritance with discriminator values: - The discriminator value could be written in the mapping in a...

8.2CVSS8AI score0.00578EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/05/22 12:0 a.m.10 views

The vulnerability of the ComponentManager.StartupCultureSettings component of the CODESYS Development System application programming framework allows a attacker to execute arbitrary commands.

The vulnerability of the ComponentManager.StartupCultureSettings component in the CODESYS Development System application development framework is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

7.8CVSS7.6AI score0.01727EPSS
Exploits1References6Affected Software3
Positive Technologies
Positive Technologies
added 2021/08/02 12:0 a.m.12 views

PT-2021-7766 · 3S Smart Software Solutions · Codesys Development System

Name of the Vulnerable Software and Affected Versions: CODESYS Development System versions 3.5.16 through 3.5.17 Description: A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality. This issue can be exploited by providing a...

7.8CVSS7.7AI score0.01727EPSS
Exploits1References9
Rows per page
Query Builder