Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

OSV
OSVadded 2026/05/21 3:49 p.m.4 views

CLSA-2026-1779378574 dovecot: Fix of 2 CVEs

CVE-2026-42006: lib-imap: fix listcountlimit to actually count open '' instead of close '', preventing an imap-login memory-exhaustion DoS that bypassed the CVE-2026-27857 fix...

7.5CVSS5.8AI score0.0003EPSS
Exploits1References1
OSV
OSVadded 2026/05/21 10:40 a.m.5 views

CLSA-2026-1779360036 dovecot: Fix of CVE-2026-42006

CVE-2026-42006: fix imap-login listcountlimit to actually limit open '' characters; the previous fix limited closing '' instead, leaving the bracing memory exhaustion vector open...

4.3CVSS5.8AI score0.00013EPSS
Exploits0References1
OSV
OSVadded 2026/05/15 11:22 p.m.2 views

CLSA-2026-1778882329 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: improve fix by enforcing listcountlimit on '' openlist instead of '' closelist; the previous fix did not actually limit memory growth from many '' characters...

7.5CVSS5.8AI score0.0003EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-24004

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00051EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-24005

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00073EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-24002

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00059EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/08/10 12:15 a.m.3 views

CVE-2025-50467

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query...

6.5CVSS6.9AI score0.00051EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/10 12:15 a.m.2 views

CVE-2025-50466

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query...

7.1CVSS6.9AI score0.00076EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/08/10 12:15 a.m.4 views

CVE-2025-50465

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query...

8.8CVSS6.9AI score0.00059EPSS
Exploits0References1
Snyk
Snykadded 2025/08/08 5:41 p.m.2 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the listCount function in the TestDefinitionDAO interface when the supportedDataTypeParam parameter is used to construct a SQL query. An attacker can extract sensitive information from the database by injecting crafted...

7.1CVSS7.6AI score0.00051EPSS
Exploits0References2
OSV
OSVadded 2025/08/08 5:15 p.m.3 views

CVE-2025-50466

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query...

6.5CVSS7.2AI score
Exploits0References3
OSV
OSVadded 2025/08/08 5:15 p.m.3 views

CVE-2025-50465

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query...

8.8CVSS7.2AI score
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/08/08 12:0 a.m.3 views

CVE-2025-50466

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query...

7.1CVSS6.8AI score0.00076EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/08/08 12:0 a.m.3 views

PT-2025-32372 · Unknown · Openmetadata

Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.4.4 Description: OpenMetadata is susceptible to a SQL injection issue. An attacker can extract information from the database through the listCount function within the DocStoreDAO interface. The entityType...

6.5CVSS7.4AI score0.00073EPSS
Exploits1References7
Vulnrichment
Vulnrichmentadded 2025/08/08 12:0 a.m.19 views

CVE-2025-50465

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query...

7.1CVSS6.8AI score0.00059EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/08/08 12:0 a.m.3 views

CVE-2025-50468

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query...

6.8AI score0.00073EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/08/08 12:0 a.m.2 views

CVE-2025-50467

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query...

6.8AI score0.00051EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/08/08 12:0 a.m.6 views

CVE-2025-50468

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query...

0.00073EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/08/08 12:0 a.m.5 views

PT-2025-32376 · Unknown · Openmetadata

Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.4.5 Description: OpenMetadata is susceptible to a SQL injection issue. An attacker can extract information from the database through the listCount function within the TestDefinitionDAO interface. The...

8.8CVSS7.4AI score0.00059EPSS
Exploits0References9
SUSE CVE
SUSE CVEadded 2023/02/15 5:11 a.m.1 views

SUSE CVE-2015-8738

The s7commdecodeudcpuszlsubfunc function in epan/dissectors/packet-s7commszlids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via ...

5.5CVSS6.8AI score0.00093EPSS
Exploits0References2
Rows per page
Query Builder