165 matches found
CVE-2025-10610
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SFS Consulting Information Processing Industry and Foreign Trade Inc. Winsure allows Blind SQL Injection.This issue affects Winsure: through Version dated 21.08.2025...
CVE-2025-10610
CVE-2025-10610 corresponds to an SQL injection vulnerability in Winsure (SFS Winsure) caused by improper neutralization of special elements in SQL commands, enabling blind SQL injection. Affected: Winsure versions up to 21.08.2025. Public documentation consistently describes the flaw and its impa...
SFS Winsure SQL注入漏洞
SFS Winsure is an insurance solution suite from SFS Turkey. SFS Winsure versions 21.08.2025 and earlier suffer from a SQL injection vulnerability that stems from improper neutralization of special elements, which could lead to a blind SQL injection attack...
EUVD-2019-2365
Malware in sbrugna...
EUVD-2024-48081
Malicious code in bioql PyPI...
EUVD-2024-48085
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-24578
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC 1.0.1 is affected by a heap-based buffer overflow in SFSAddString at bifs/scriptdec.c. CVE-2022-24578 Note that Nessus relies on the presence of the packag...
Linux Distros Unpatched Vulnerability : CVE-2024-26475
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grubsfsreadextent...
CVE-2024-7098
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2...
CVE-2024-6401
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SFS Consulting InsureE GL allows SQL Injection. This issue affects InsureE GL: before 4.6.2...
CVE-2024-7104
Improper Control of Generation of Code 'Code Injection' vulnerability in SFS Consulting ww.Winsure allows Code Injection. This issue affects ww.Winsure: before 4.6.2...
CVE-2024-7104
Improper Control of Generation of Code 'Code Injection' vulnerability in SFS Consulting ww.Winsure allows Code Injection. This issue affects ww.Winsure: before 4.6.2...
CVE-2024-7104
Improper Control of Generation of Code 'Code Injection' vulnerability in SFS Consulting ww.Winsure allows Code Injection. This issue affects ww.Winsure: before 4.6.2...
CVE-2024-7098
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2...
CVE-2024-6401
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SFS Consulting InsureE GL allows SQL Injection. This issue affects InsureE GL: before 4.6.2...
CVE-2024-7104
Improper Control of Generation of Code 'Code Injection' vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2...
CVE-2024-6401 SQLi in SFS Consulting's InsureE GL
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SFS Consulting InsureE GL allows SQL Injection. This issue affects InsureE GL: before 4.6.2...
CVE-2024-6401 SQLi in SFS Consulting's InsureE GL
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SFS Consulting InsureE GL allows SQL Injection. This issue affects InsureE GL: before 4.6.2...
CVE-2024-6401
CVE-2024-6401 is an SQL Injection vulnerability in SFS Consulting InsureE GL, caused by improper neutralization of special elements in SQL commands. Affected versions are InsureE GL prior to 4.6.2. The issue, documented across multiple feeds (NVD, Red Hat, CVE listing, and related advisories), in...
CVE-2024-7104
CVE-2024-7104 affects SFS Consulting’s ww.Winsure prior to version 4.6.2. Root cause: improper control of code generation that enables code injection, with potential for remote code execution. Public references in the connected documents confirm the vulnerability description; exploitation details...