Lucene search
+L

45 matches found

ATTACKERKB
ATTACKERKB
added 2023/02/23 12:15 p.m.5 views

CVE-2022-2504

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection. This issue affects SDD-Baro: before 2.8.432...

9.8CVSS7.4AI score0.00626EPSS
Exploits0References3
OSV
OSV
added 2023/02/23 12:15 p.m.3 views

CVE-2022-2504

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection.This issue affects SDD-Baro: before 2.8.432...

9.8CVSS5.8AI score0.00626EPSS
Exploits0References1
NVD
NVD
added 2023/02/23 12:15 p.m.16 views

CVE-2022-2504

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection. This issue affects SDD-Baro: before 2.8.432...

9.8CVSS9.9AI score0.00626EPSS
Exploits0References2
Prion
Prion
added 2023/02/23 12:15 p.m.13 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection.This issue affects SDD-Baro: before 2.8.432...

7.5CVSS9.7AI score0.00626EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/23 11:33 a.m.19 views

CVE-2022-2504 SQLi in SDD-Baro

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SDD Computer Software SDD-Baro allows SQL Injection. This issue affects SDD-Baro: before 2.8.432...

9.8CVSS10AI score0.00626EPSS
Exploits0References2
CVE
CVE
added 2023/02/23 11:33 a.m.45 views

CVE-2022-2504

CVE-2022-2504 is an SQL Injection vulnerability in SDD-Baro prior to version 2.8.432, caused by improper neutralization of special elements in SQL commands. Affected product: SDD-Baro (SDD Computer Software). The NVD/NVD-listed data shows a high-impact, CRITICAL severity (CVSS v3.1: CVSS:3.1/AV:N...

9.8CVSS7.4AI score0.00626EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/02/23 12:0 a.m.5 views

SDD Bilgisayar Yazılım SDD-Baro SQL注入漏洞

SDD Bilgisayar Yazılım SDD-Baro is an application from SDD Bilgisayar Yazılım, Turkey. A security vulnerability exists in SDD Bilgisayar Yazılım SDD-Baro versions prior to 2.8.432, which stems from an unsatisfactory neutralization of a particular element used by the software, leading to SQL...

9.8CVSS8.6AI score0.00626EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/23 12:0 a.m.3 views

PT-2023-12777 · Sdd-Baro · Sdd-Baro

Name of the Vulnerable Software and Affected Versions: SDD-Baro versions prior to 2.8.432 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...

9.8CVSS9.7AI score0.00626EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2022/09/11 8:26 a.m.11 views

sdd-gmbh.de Cross Site Scripting vulnerability OBB-2912436

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/07/21 4:10 p.m.18 views

sdd-gmbh.de Cross Site Scripting vulnerability OBB-2805958

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 12:1 a.m.6 views

colorcat (>=0.0.2 <=0.2.10), karg (=0.1.2) +10 more potentially affected by CVE-2020-7618 +1 more via sds (>=1.14.1 <=4.4.0)

sds NPM version =1.14.1, =0.0.2, =0.2.2, =0.55.1, =1.0.0, =0.0.1, =0.1.1, =0.0.1, =1.0.3, =0.4.16, =0.1.1, =1.0.1, =1.0.2 Source cves: CVE-2020-7618, CVE-2022-25862 Source advisory: OSV:GHSA-PH28-WWFJ-FV7F...

7.5CVSS6.4AI score0.01114EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
added 2022/02/16 12:0 a.m.20 views

Omron CX-One SDD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SDD...

7.8CVSS7.6AI score0.09271EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/21 12:0 a.m.17 views

SICK SOPAS ET has an unspecified vulnerability

Sick Sopas Et is an engineering tool from the German company Sick.A security vulnerability exists in versions prior to SICK SOPAS ET 4.8.0, which could be exploited by an attacker to package any executable file into an SDD and make it available to SOPAS ET users...

9.3CVSS3.9AI score0.00732EPSS
Exploits0References1
Prion
Prion
added 2021/12/17 5:15 p.m.20 views

Design/Logic Flaw

SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks...

9.3CVSS8.4AI score0.00732EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/12/17 4:9 p.m.60 views

CVE-2021-32497

Summary of CVE-2021-32497 (SICK SOPAS ET) : Prior to version 4.8.0, SOPAS ET allows an attacker to wrap an arbitrary executable into an SDD and hand it to a user. When the SOPAS ET emulator is started, the embedded executable may run without further checks, enabling code execution under the local...

9.3CVSS8.5AI score0.00732EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/12/17 4:9 p.m.27 views

CVE-2021-32497

SICK SOPAS ET before version 4.8.0 allows attackers to wrap any executable file into an SDD and provide this to a SOPAS ET user. When a user starts the emulator the executable is run without further checks...

8.7AI score0.00732EPSS
Exploits0References1
Prion
Prion
added 2019/07/31 6:15 p.m.18 views

Design/Logic Flaw

SAS Drug Development SDD before 32DRG02 mishandles logout actions, which allows a user who was previously logged in to access resources by pressing a back or forward button in a web browser...

6.5CVSS7AI score0.0132EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/07/31 5:8 p.m.93 views

CVE-2007-6763

CVE-2007-6763 concerns SAS Drug Development (SDD) prior to 32DRG02, which mishandles logout actions. According to the sources, a user who was previously authenticated can regain access to resources by using the browser’s back or forward buttons after logout. The vulnerability is described consist...

8.8CVSS8.5AI score0.0132EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/07/04 12:0 a.m.28 views

Buffer overflow in HP Instant Support Driver Check &#40;SDD&#41; ActiveX control

John Heasman of NGSSoftware has discovered a high risk vulnerability in the HP Instant Support Driver Check SDD ActiveX control, which is marked safe for scripting. The vulnerability affects the following version of the SDD control: HP Instant Support Driver Check versions prior to 1.5.0.3 This...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/07/03 12:0 a.m.36 views

HP Instant Support Driver Check HPSDDX Class (SDD) ActiveX (sdd.dll) queryHub Function Overflow

The remote host contains the SDD ActiveX control, a part of HP Instant Support. The version of this control on the remote host is reportedly affected by a buffer overflow that can be triggered by a long argument to its 'queryHub' method. If an attacker can trick a user on the affected host into...

7.6CVSS6.7AI score0.1787EPSS
Exploits1References3
Rows per page
Query Builder