CVE-2026-40850

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

CVE-2026-40819

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the syncdata24 task due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

CVE-2026-40831 Authenticated SQLi in Easy View

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

CVE-2026-40818 Unauthenticated SQLi in _mb24confi_getDevice function function

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24configetDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43608

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

SAP HANA Deployment Infrastructure deploy library SQL注入漏洞

SAP HANA Deployment Infrastructure deploy library is a deployment support library developed by SAP, a German company, for the deployment and lifecycle management of SAP HANA applications. The SAP HANA Deployment Infrastructure deploy library contains a SQL injection vulnerability. This...

OneUptime ClickHouse vulnerable to SQL Injection via unvalidated column identifiers in sort, select, and groupBy parameters

The fix for GHSA-p5g2-jm85-8g35 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query construction paths in StatementGenerator. The toSortStatement, toSelectStatement, and...

EUVD-2007-5898

Malware in sbrugna...

EUVD-2018-12556

Malware in sbrugna...

EUVD-2019-9218

Malware in sbrugna...

EUVD-2020-3999

Malware in sbrugna...

EUVD-2014-8737

Malware in sbrugna...

EUVD-2023-52977

Malicious code in bioql PyPI...

CVE-2023-48947

An issue in the chacmp function of openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48946

An issue in the boxmpy function of openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48948

An issue in the boxdiv function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48949

An issue in the boxadd function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48950

An issue in the boxcollen function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48951

An issue in the boxequal function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

CVE-2023-48952

An issue in the boxdeserializereusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...