6 matches found
CVE-2025-64488
The CVE-2025-64488 affects SuiteCRM. An attacker can craft a malicious call_id to alter SQL query logic or inject arbitrary SQL, leading to unauthorized data access, data exfiltration, and potentially full database compromise. Affected versions: SuiteCRM 7.14.7 and earlier, and 8.0.0-beta.1 throu...
CVE-2025-64488 SuiteCRM: Authenticated SQL Injection Possible in Reschedule Call Module
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. In versions 7.14.7 and below and 8.0.0-beta.1 through 8.9.0 8.0.0-beta.1, an attacker can craft a malicious callid that alters the logic of the SQL query or injects arbitrary SQL. An attack can...
CVE-2025-64488 SuiteCRM: Authenticated SQL Injection Possible in Reschedule Call Module
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. In versions 7.14.7 and below and 8.0.0-beta.1 through 8.9.0 8.0.0-beta.1, an attacker can craft a malicious callid that alters the logic of the SQL query or injects arbitrary SQL. An attack can...
CVE-2025-64488 SuiteCRM: Authenticated SQL Injection Possible in Reschedule Call Module
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. In versions 7.14.7 and below and 8.0.0-beta.1 through 8.9.0 8.0.0-beta.1, an attacker can craft a malicious callid that alters the logic of the SQL query or injects arbitrary SQL. An attack can...
EUVD-2023-59816
Malicious code in bioql PyPI...
SUSE CVE-2025-39782
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock. However,...