Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Github Security Blog
Github Security Blogadded 2026/05/15 6:30 p.m.7 views

Apache Flink: Remote code execution via SQL injection in code generation

Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions 1.15.0+ and LIKE...

8.1CVSS6.3AI score0.00067EPSS
Exploits0References6Affected Software3
Vulnrichment
Vulnrichmentadded 2026/05/15 3:27 p.m.4 views

CVE-2026-35194 Apache Flink: Remote code execution via SQL injection in code generation

Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions 1.15.0+ and LIKE...

6.3AI score0.00067EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/15 12:0 a.m.5 views

Apache Flink 代码注入漏洞

Apache Flink is an open-source distributed stream processing engine developed by the Apache Foundation in the United States. The product is primarily written in Java and Scala languages. Versions of Apache Flink from 1.15.0 to 1.20.x, as well as from 2.0.0 to 2.x, contain a code injection...

8.1CVSS6.3AI score0.00067EPSS
Exploits0References1
Fedora
Fedoraadded 2024/03/07 10:33 p.m.24 views

[SECURITY] Fedora 40 Update: velocity-2.3-5.fc40

Velocity is a Java-based template engine. It permits anyone to use the simple yet powerful template language to reference objects defined in Java code. When Velocity is used for web development, Web designers can work in parallel with Java programmers to develop web sites according to the...

8.8CVSS7.2AI score0.45835EPSS
Exploits3
CNVD
CNVDadded 2020/10/11 12:0 a.m.75 views

Apache Calcite Clickjacking Vulnerability

Apache Calcite is a dynamic data management framework that has many of the features of a typical database management system, such as SQL parsing, SQL validation, SQL query optimization, SQL generation, and data connection queries. clickjacking vulnerability exists in versions of Apache Calcite...

5.9CVSS2.8AI score0.00784EPSS
Exploits0References1
exploitpack
exploitpackadded 2017/09/16 12:0 a.m.30 views

WordPress Plugin Content Timeline - SQL Injection

WordPress Plugin Content Timeline - SQL Injection Exploit Title: Multiple Blind SQL Injections Wordpress Plugin: Content Timeline Google Dork: - Date: September 16, 2017 Exploit Author: Jeroen - ITNerdbox Vendor Homepage: http://www.shindiristudio.com/ Software Link:...

7.5CVSS10AI score0.07947EPSS
Exploits4
Rows per page
Query Builder