EUVD-2023-50954

Malicious code in bioql PyPI...

EUVD-2023-29127

Malicious code in bioql PyPI...

EUVD-2025-20232

Malicious code in bioql PyPI...

EUVD-2025-22325

Malicious code in bioql PyPI...

EUVD-2023-44082

Malicious code in bioql PyPI...

EUVD-2023-49639

Malicious code in bioql PyPI...

EUVD-2024-0106

Malicious code in bioql PyPI...

EUVD-2024-0108

Malicious code in bioql PyPI...

PT-2025-36558

Name of the Vulnerable Software and Affected Versions: SAP ABAP affected versions not specified Description: The issue involves a missing input validation in ABAP reports. An attacker with high privilege access could delete the content of arbitrary database tables not protected by an authorizatio...

KB5063761 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: August 12, 2025

KB5063761 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: August 12, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

CVE-2025-7036

The CleverReach® WP plugin for WordPress is vulnerable to time-based SQL Injection via the ‘title’ parameter in all versions up to, and including, 1.5.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

CVE-2025-50465

OpenMetadata

CVE-2025-48709

BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...

CVE-2025-54788

CVE-2025-54788 corresponds to a SQL injection in the SuiteCRM InboundEmail module. The issue allows arbitrary backend SQL queries, impacting confidentiality, integrity, and availability by enabling data retrieval, modification, or deletion. Affected: SuiteCRM (InboundEmail module) in versions pri...

CVE-2025-54788 SuiteCRM: Authenticated Blind SQL Injection in InboundEmail module

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. In versions and below, the InboundEmail module allows the arbitrary execution of queries in the backend database, leading to SQL injection. This can have wide-reaching implications on...

CVE-2025-7036

The CleverReach® WP plugin for WordPress is vulnerable to time-based SQL Injection via the ‘title’ parameter in all versions up to, and including, 1.5.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

CVE-2025-54119 ADOdb's sqlite3 driver allows SQL injection

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database a...

CVE-2024-52894 IBM Db2 for Linux, UNIX and Windows denial of service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2025-54428

RevelaCode is an AI-powered faith-tech project that decodes biblical verses, prophecies and global events into accessible language. In versions below 1.0.1, a valid MongoDB Atlas URI with embedded username and password was accidentally committed to the public repository. This could allow...

CVE-2025-54428 RevelaCode exposes Sensitive MongoDB Atlas URI in .env (potential credential leak)

RevelaCode is an AI-powered faith-tech project that decodes biblical verses, prophecies and global events into accessible language. In versions below 1.0.1, a valid MongoDB Atlas URI with embedded username and password was accidentally committed to the public repository. This could allow...