7 matches found
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Overview Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' via the processing of JDBC connection URL parameters. An attacker can execute arbitrary code by supplying a crafted connection URL that causes the loading...
EUVD-2024-46058
Malicious code in bioql PyPI...
IBM Data Virtualization Manager Code Execution Vulnerability
IBM Data Virtualization Manager is a general-purpose query engine from International Business Machines IBM that performs distributed and virtualized queries across databases, data warehouses, data lakes, and streaming data. A code execution vulnerability exists in IBM Data Virtualization Manager...
CVE-2024-52899
IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server...
CVE-2024-52899 IBM Data Virtualization Manager code execution
IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server...
CVE-2024-52899 IBM Data Virtualization Manager code execution
IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server...
CVE-2024-52899
IBM Data Virtualization Manager for z/OS is affected in v1.1 and v1.2 by a code-execution vulnerability where an authenticated user can inject malicious JDBC URL parameters to execute server code. Root cause: improper filtering of elements that form code segments (CRLF injection). Impact: remote ...