Lucene search
K

7 matches found

Snyk
Snyk
added 2026/05/08 8:25 p.m.14 views

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Overview Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' via the processing of JDBC connection URL parameters. An attacker can execute arbitrary code by supplying a crafted connection URL that causes the loading...

9.2CVSS6.3AI score0.00573EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-46058

Malicious code in bioql PyPI...

8.8CVSS8.2AI score0.00773EPSS
Exploits0References1
CNVD
CNVD
added 2024/12/06 12:0 a.m.4 views

IBM Data Virtualization Manager Code Execution Vulnerability

IBM Data Virtualization Manager is a general-purpose query engine from International Business Machines IBM that performs distributed and virtualized queries across databases, data warehouses, data lakes, and streaming data. A code execution vulnerability exists in IBM Data Virtualization Manager...

8.8CVSS6.9AI score0.00773EPSS
Exploits0References1
OSV
OSV
added 2024/11/26 1:15 a.m.4 views

CVE-2024-52899

IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server...

8.8CVSS5.9AI score0.00773EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/26 12:34 a.m.10 views

CVE-2024-52899 IBM Data Virtualization Manager code execution

IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server...

8.5CVSS6.9AI score0.00773EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/26 12:34 a.m.15 views

CVE-2024-52899 IBM Data Virtualization Manager code execution

IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server...

8.5CVSS0.00773EPSS
Exploits0References1
CVE
CVE
added 2024/11/26 12:34 a.m.60 views

CVE-2024-52899

IBM Data Virtualization Manager for z/OS is affected in v1.1 and v1.2 by a code-execution vulnerability where an authenticated user can inject malicious JDBC URL parameters to execute server code. Root cause: improper filtering of elements that form code segments (CRLF injection). Impact: remote ...

8.8CVSS8.5AI score0.00773EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder