Lucene search
K

20 matches found

CVE
CVE
added 2026/06/30 8:54 p.m.21 views

CVE-2026-44628

CVE-2026-44628 corresponds to an OFFIS DCMTK Toolkit Type Confusion issue. An unauthenticated attacker can crash the worklist server by sending a single crafted query when the server has a valid Called AE Title/storage directory, the expected lockfile, and at least one matching worklist record. T...

8.7CVSS5.8AI score0.00395EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/23 8:48 a.m.1 views

CVE-2026-4580 code-projects Simple Laundry System Parameters checkupdatestatus.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /checkupdatestatus.php of the component Parameters Handler. The manipulation of the argument serviceId results in sql injection. The attack can be executed remotely. The...

7.5CVSS5.7AI score0.00329EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-24869

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00425EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-46028

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00574EPSS
Exploits0References4
CVE
CVE
added 2025/09/09 4:33 p.m.15 views

CVE-2025-58993

CVE-2025-58993 affects the WordPress Tutor LMS plugin (Themeum Tutor LMS) up to version 3.7.4. It is a SQL Injection vulnerability caused by improper neutralization of input in SQL queries. CVSS v3.1 base score 7.6 (HIGH) with network attack vector, no user interaction, and high confidentiality i...

7.6CVSS5.9AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.4 views

CVE-2025-20262

A vulnerability in the Protocol Independent Multicast Version 6 PIM6 feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denia...

5CVSS6.7AI score0.00324EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/31 7:2 p.m.5 views

CVE-2024-51473

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5.0.0 through 10.5.0.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

7.5CVSS6.2AI score0.00291EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/11/21 8:34 p.m.2 views

CVE-2024-52615

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected...

5.3CVSS7.2AI score0.00574EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.4 views

PT-2024-35400

Name of the Vulnerable Software and Affected Versions Avahi-daemon affected versions not specified Description A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected. Recommendations ...

5.3CVSS6.8AI score0.00574EPSS
Exploits0References84
CNVD
CNVD
added 2023/04/18 12:0 a.m.8 views

Fortinet FortiAnalyzer Input Validation Error Vulnerability

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...

7.1CVSS7AI score0.00187EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/29 12:0 a.m.12 views

CVE-2022-42428

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of...

7.2CVSS8.9AI score0.0287EPSS
Exploits0References1
OSV
OSV
added 2023/03/27 1:15 a.m.28 views

CVE-2023-28867

In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...

7.5CVSS7.6AI score
Exploits0References5
CNNVD
CNNVD
added 2022/06/15 12:0 a.m.4 views

YouDianCMS SQL注入漏洞

YouDianCMS is a website CMS. YoudianCMS version v9.5.0 suffers from a SQL injection vulnerability, which originates from the id parameter at /App/Lib/Action/Admin/SiteAction.class.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

8.8CVSS6.1AI score0.0102EPSS
Exploits1References2
OSV
OSV
added 2020/04/09 2:15 p.m.0 views

CVE-2020-9500

Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...

4.9CVSS5.8AI score
Exploits0References1
CNVD
CNVD
added 2017/10/20 12:0 a.m.5 views

WordPress InLinks Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.InLinks plugin is one of the link creation plugin. A SQL injection vulnerability exists in WordPress InLinks plugin...

8.8CVSS8.3AI score0.02002EPSS
Exploits1References1
CNVD
CNVD
added 2016/09/21 12:0 a.m.3 views

SQL Injection Vulnerability in UFIDA Financials /target/services/userInfoWeb?wsdl Page

UFIDA Financials is a financial management software. A SQL injection vulnerability exists in the UFIDA Financial System /target/services/userInfoWeb?wsdl page. An attacker can exploit the vulnerability to obtain database information...

7.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.36 views

openSUSE Security Update : vte (openSUSE-SU-2010:0404-1)

VTE was vulnerable to an old title set+query attack which could be used by remote attackers to execute arbitrary code CVE-2010-2713. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update vte-2729. T...

6.8CVSS6AI score0.03343EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2011/01/21 12:0 a.m.22 views

SuSE 11.1 Security Update : vte, vte-debuginfo, vte-debugsource, vte-devel, vte-doc, vte-lang (SAT Patch Number 2718)

This update fixes a vulnerability of VTE to an old title set and query attack which could be used by remote attackers to execute arbitrary code. CVE-2010-2713 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...

6.8CVSS5.6AI score0.03343EPSS
Exploits1References3
exploitpack
exploitpack
added 2007/06/08 12:0 a.m.9 views

Ibrahim Ã?AKICI - Okul Portal Haber_Oku.asp SQL Injection

Ibrahim Ã?AKICI - Okul Portal HaberOku.asp SQL Injection source: https://www.securityfocus.com/bid/24379/info Ibrahim Ã?AKICI Okul Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploi...

0.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.12 views

ISC BIND < 8.1.2 Inverse-Query Remote Overflow (deprecated)

Binary data 1015.prm...

10CVSS7.3AI score0.29013EPSS
Exploits0References1
Rows per page
Query Builder