Lucene search
K

222 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/23 7:57 a.m.9 views

Multiple vulnerabilities in LogonTracer

Overview LogonTracer provided by Japan Computer Emergency Response Team Coordination Center JPCERT/CC is a tool to investigate malicious Windows logons by visualizing and analyzing Windows event logs. LogonTracer contains multiple vulnerabilities listed below. OS command injection CWE-78 -...

8.8CVSS5.7AI score0.01213EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/23 12:31 a.m.4 views

EUVD-2026-25125

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References2
NVD
NVD
added 2026/04/23 12:16 a.m.4 views

CVE-2026-1352

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

6.5CVSS0.00328EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/22 11:37 p.m.5 views

CVE-2026-1352

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/04/20 12:32 p.m.6 views

EUVD-2026-23822

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/20 11:13 a.m.8 views

Improper Neutralization of Special Elements in Data Query Logic

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic in the Asset Handler and Aggregate Handler components. An attacker can access, modify, or disrupt sensitive data by injecting specially crafted elements into data query...

6.5CVSS6.6AI score0.00232EPSS
Exploits0References2
NVD
NVD
added 2026/04/20 10:16 a.m.5 views

CVE-2026-6626

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS0.00232EPSS
Exploits0References4
CVE
CVE
added 2026/04/20 9:45 a.m.11 views

CVE-2026-6626

Technical details are not publicly provided in the supplied documents. The CVE affects Cockpit-HQ Cockpit up to 2.13.5 (Asset Handler/Aggregate Handler data query logic); remote exploit claimed. Monitor for updates.

6.5CVSS6.2AI score0.00232EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/20 9:45 a.m.6 views

CVE-2026-6626

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/20 9:45 a.m.36 views

CVE-2026-6626 Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS0.00232EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.8 views

PT-2026-33749

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/06 5:56 p.m.4 views

Improper Neutralization of Special Elements in Data Query Logic

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic in the CQL queries. An attacker can manipulate query logic to bypass authentication or extract sensitive data by injecting arbitrary CQL operators through user-controlled...

7.3CVSS5.9AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.4 views

CVE-2026-4593

A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation causes sql injection hibernate. It is possible to...

6.5CVSS6.2AI score0.00192EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/23 6:42 p.m.2 views

SQL Injection: Hibernate

Overview Affected versions of this package are vulnerable to SQL Injection: Hibernate in the EruptDataQuery function of the MCP Tool Interface. An attacker can execute unauthorized SQL commands by manipulating input data processed by the application. Remediation Upgrade xyz.erupt:erupt-ai to...

6.5CVSS6.7AI score0.00192EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/23 6:30 p.m.3 views

EUVD-2026-14473

A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation causes sql injection hibernate. It is possible to...

6.5CVSS6.2AI score0.00192EPSS
Exploits0References5
NVD
NVD
added 2026/03/23 5:16 p.m.4 views

CVE-2026-4593

A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation causes sql injection hibernate. It is possible to...

6.5CVSS0.00192EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/23 4:55 p.m.1 views

CVE-2026-4593

A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation causes sql injection hibernate. It is possible to...

6.5CVSS6.2AI score0.00192EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/23 4:55 p.m.1 views

CVE-2026-4593 erupts erupt MCP Tool EruptDataQuery.java EruptDataQuery sql injection

A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation causes sql injection hibernate. It is possible to...

6.5CVSS6.2AI score0.00192EPSS
Exploits0References4
CVE
CVE
added 2026/03/23 4:55 p.m.10 views

CVE-2026-4593

CVE-2026-4593 describes a SQL injection in the EruptDataQuery function (erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java) within the MCP Tool Interface of erupts erupt bis 1.13.3. The issue arises from a manipulation that enables remote exploitation via a crafted input, with the ...

6.5CVSS5.4AI score0.00192EPSS
Exploits0References4
Fedora
Fedora
added 2026/03/13 1:19 a.m.5 views

[SECURITY] Fedora 43 Update: task-3.4.2-3.fc43

Taskwarrior is a command-line TODO list manager. It is flexible, fast, efficient, unobtrusive, does its job then gets out of your way. Taskwarrior scales to fit your workflow. Use it as a simple app that captures tasks, shows you the list, and removes tasks from that list. Leverage its capabiliti...

8.7CVSS5.8AI score0.01079EPSS
Exploits0
Rows per page
Query Builder