TypeORM vulnerable to SQL injection via crafted request to repository.save or repository.update

Summary SQL Injection vulnerability in TypeORM before 0.3.26 via crafted request to repository.save or repository.update due to the sqlstring call using stringifyObjects default to false. Details Vulnerable Code: js const username, city, name = req.body; const updateData = username, city, name,...

EUVD-2025-36689

SQL Injection vulnerability in TypeORM before 0.3.26 via crafted request to repository.save or repository.update due to the sqlstring call using stringifyObjects default to false...

GHSA-Q2PJ-6V73-8RGJ TypeORM vulnerable to SQL injection via crafted request to repository.save or repository.update

Summary SQL Injection vulnerability in TypeORM before 0.3.26 via crafted request to repository.save or repository.update due to the sqlstring call using stringifyObjects default to false. Details Vulnerable Code: js const username, city, name = req.body; const updateData = username, city, name,...

CVE-2025-60542

CVE-2025-60542 (TypeORM) : SQL injection in TypeORM before 0.3.26 via crafted requests to repository.save or repository.update, resulting from sqlstring handling where stringifyObjects defaults to false. Public references indicate the issue arises in the MySQL driver path and can affect updates u...

X.Org Server present_create_notifies Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2025-60542

SQL Injection vulnerability in TypeORM before 0.3.26 via crafted request to repository.save or repository.update due to the sqlstring call using stringifyObjects default to false...

TypeORM 安全漏洞

TypeORM is an excellent Node.js ORM framework open-sourced by TypeORM. The goal of the software is to maintain support for the latest Javascript features; with the following features: 1 provide one-to-one, many-to-one, one-to-many, many-to-many relational processing of tables; 2 to help develop a...

CVE-2025-62260

Liferay Portal 7.4.0 through 7.4.3.99, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number of objects returned from Headless API requests, which allows remote attackers to perform denial-of-servi...

Liferay Portal和Liferay DXP 资源管理错误漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

PT-2025-44052

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.3 GA through update 35 Liferay Portal versions 7.4.0 through 7.4.3.99 Liferay Portal versions 7.4 GA through update 92 Liferay DXP versions 2023.Q3.1 through 2023.Q3.4 Description The software does not limit the numbe...

CVE-2023-53708

In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPITYPEPACKAGE objects If a badly constructed firmware includes multiple ACPITYPEPACKAGE objects while evaluating the AMD LPS0 DSM, there will be a memory leak. Explicitly guard against this...

PT-2025-43109

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to ACPI handling during system sleep state transitions s2idle. Specifically, the kernel does not adequately handle multiple ACPI TYPE PACKAGE...

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

VulnCheck KEV: CVE-2025-2746

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through...

Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability

Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could allow an attacker to control administrative objects...

VulnCheck KEV: CVE-2025-2747

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through 13.0.1...

Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability

Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could allow an attacker to control administrative objects...

SUSE CVE-2025-61907

Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...

CVE-2025-61907

Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...

CVE-2025-60641

The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserializebase64decode$POST'mexcel', where $POST'mexcel' is user-controlled input. This input is decoded from base64 and deserialized without validation or use of the allowedclasses option, allowing an attacker to...