15 matches found
SUSE CVE-2026-42944
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...
DEBIAN-CVE-2026-3104
A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...
EUVD-2019-16247
Malware in sbrugna...
EUVD-2022-1987
Malicious code in bioql PyPI...
PYSEC-2024-84
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsDB platform, enabling a maliciously uploaded ‘inhouse’ model to run arbitrary code on the server when a ‘describe’ query is run on it...
DEBIAN-CVE-2024-23833
OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefine version=3.7.7 where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver library in the latest...
PT-2023-28018 · Grupposcai · Realgimm
Name of the Vulnerable Software and Affected Versions: GruppoSCAI RealGimm version 1.1.37p38 Description: An improper error handling issue in the ErroreNonGestito.aspx component allows attackers to obtain sensitive technical information via a crafted SQL query. Recommendations: For GruppoSCAI...
CVE-2023-33857
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695...
CVE-2022-27127
zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php/ajax.php...
CVE-2020-12745
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 (May 2020)...
NewMark CMS 2.1 - 'sec_id' SQL Injection
Exploit Title: NewMark CMS 2.1 - SQL Injection secid Google Dork: /catalog/?sectid= Date: 2018-06-20 Exploit Author: Berk Dusunur Vendor Homepage: https://nmark.ru/ Software Link: https://nmark.ru/razrabotka/korporativniy-sayt/ Version: v2.1 Tested on: Pardus CVE : N/A Proof Of Concept sec id...
sfsezbizpro-sql.txt
EZ BIZ PRO track.php id Remote SQL Injection Vulnerability | IQ-SecuritY | Author: Hussin X | Home: WwW.IQ-ty.CoM | email: darkangelg85atYahooDoTcom | script: http://www.scripts-for-sites.info/item.php?item=131 | DorK :...
Google Toolbar 1.1.60 - Search Function Denial of Service
source: https://www.securityfocus.com/bid/5477/info Reportedly, when the Google Toolbar receives a search query it may cause Microsoft Internet Explorer to crash. When a user views a malicious web page it will cause the Google Toolbar to...
Microsoft Index Server 2.0 - File Information / Full Path Disclosure
source: https://www.securityfocus.com/bid/3339/info The sqlqhit.asp sample file is used for performing web-based SQL queries. Malicious users could send a specifically crafted HTTP request to an Internet Information Services server running Index Server to reveal path information, file attributes, a...
CVE-2000-0866
Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes...