CVE-2026-33566

There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered...

CVE-2026-33566

There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered...

CVE-2026-33566

CVE-2026-33566 is a cypher injection issue in LogonTracer prior to v2.0.0. When specially crafted Windows event log data is loaded, the contents of the database may be altered. The issue is documented across multiple sources (NVD, CVE List, JVN) and is addressed by updating to LogonTracer v2.0.0....

PT-2026-35276

There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered...

CVE-2022-35946

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In affected versions request input is not properly validated in the plugin controller and can be used ...

EUVD-2018-1349

Malware in sbrugna...

EUVD-2025-13580

Malicious code in bioql PyPI...

EUVD-2023-51720

Malicious code in bioql PyPI...

EUVD-2021-8150

Malicious code in bioql PyPI...

CVE-2024-33622

Missing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, sensitive information may be obtained and/or the information stored in the database may be altered by a remote authenticated attacker...

CVE-2021-20736

NoSQL injection vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to obtain and/or alter the information stored in the database via unspecified vectors...

CVE-2021-38159

In certain Progress MOVEit Transfer versions before 2021.0.4 aka 13.0.4, SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an...

CVE-2024-31077

CVE-2024-31077 affects Forminator (WordPress plugin) prior to 1.29.3. The issue is an SQL Injection in the admin-facing form handling that can be triggered by an authenticated admin, enabling access/alteration of database data and potential DoS. Remediation is to upgrade Forminator to 1.29.3 or l...

CVE-2023-47609

SQL injection vulnerability in OSS Calendar versions prior to v.2.0.3 allows a remote authenticated attacker to execute arbitrary code or obtain and/or alter the information stored in the database by sending a specially crafted request...

CVE-2023-22332

Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4.1 4.4 series, 4.3.0 to 4.3.4 4.3 series, 4.2.0 to 4.2.11 4.2 series, 4.1.0 to 4.1.14 4.1 series, 4.0.0 to 4.0.21 4.0 series, All versions of 3.7 series, All versions of 3.6 series, All versions of 3.5 series, All versions of 3....

Design/Logic Flaw

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In affected versions request input is not properly validated in the plugin controller and can be used ...

CVE-2022-35946

GLPI vulnerability CVE-2022-35946 is a misvalidation in the plugin controller that can expose the low-level Plugin class API. An attacker with General setup rights can alter database data via this input handling flaw. The recommended fix is upgrading GLPI to version 10.0.3; as a workaround, remov...

CVE-2022-35946 SQL injection through plugin controller in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In affected versions request input is not properly validated in the plugin controller and can be used ...

CVE-2020-7114

A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur. Resolution: Fixed in...

CVE-2019-18464

In Progress MOVEit Transfer 10.2 before 10.2.6 2018.3, 11.0 before 11.0.4 2019.0.4, and 11.1 before 11.1.3 2019.1.3, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated attacker to gain unauthorized access to the database. Depending on the...