5 matches found
EUVD-2023-1486
Malicious code in bioql PyPI...
CVE-2024-45198
insightsoftware Spark JDBC 2.6.21 has a remote code execution vulnerability. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution...
CVE-2024-45199
CVE-2024-45199 - summary from provided documents : The issue affects insightsoftware Hive JDBC driver up to version 2.6.13. A remote code execution vulnerability arises when attackers inject malicious parameters into the JDBC URL, triggering a JNDI injection during the connection process with the...
CVE-2025-30067 Apache Kylin: The remote code execution via jdbc url
Improper Control of Generation of Code 'Code Injection' vulnerability in Apache Kylin. If an attacker gets access to Kylin's system or project admin permission, the JDBC connection configuration maybe altered to execute arbitrary code from the remote. You are fine as long as the Kylin's system an...
CVE-2022-23221
H2Database/H2 Console, affected version before 2.1.210, is vulnerable to remote code execution via a crafted JDBC URL in the H2 Console. The vulnerability is triggered by a substring in the URL jdbc:h2:mem with IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT, enabling arbitrary ...