CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Veracode•added 2025/11/07 7:33 a.m.•2 views

SQL Injection

org.open-metadata, openmetadata-service is vulnerable to SQL Injection. The vulnerability is due to improper handling of the entityType parameter in DocStoreDAO.listCount allowing attackers to supply crafted entityType values that modify the query and extract arbitrary data from the database...

6.5CVSS7.7AI score0.00073EPSS

Exploits1References2Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-24005

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00073EPSS

Exploits1References3

OSV•added 2025/08/08 5:15 p.m.•2 views

CVE-2025-50468

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query...

6.5CVSS7.2AI score

Exploits0References3

Positive Technologies•added 2025/08/08 12:0 a.m.•3 views

PT-2025-32372 · Unknown · Openmetadata

Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.4.4 Description: OpenMetadata is susceptible to a SQL injection issue. An attacker can extract information from the database through the listCount function within the DocStoreDAO interface. The entityType...

6.5CVSS7.4AI score0.00073EPSS

Exploits1References7