CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1303 matches found

NVD•added 2019/07/17 9:15 p.m.•30 views

CVE-2019-1942

A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An...

6.5CVSS5.5AI score0.01226EPSS

Exploits0References2

Prion•added 2019/07/17 9:15 p.m.•20 views

Sql injection

4CVSS6.7AI score0.01226EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/07/17 8:25 p.m.•31 views

CVE-2019-1942 Cisco Identity Services Engine Blind SQL Injection Vulnerability

4.3CVSS6.7AI score0.01226EPSS

Exploits0References2

Node.js•added 2019/06/24 2:59 p.m.•19 views

SQL Injection

Overview Versions of sequelize prior to 3.35.1 are vulnerable to SQL Injection. The package fails to sanitize JSON path keys in the Postgres dialect, which may allow attackers to inject SQL statements and execute arbitrary SQL queries. Recommendation Upgrade to version 3.35.1 or later. References...

7.5CVSS6.1AI score0.01228EPSS

Exploits1Affected Software1

OSV•added 2019/05/16 1:29 a.m.•2 views

CVE-2019-1825

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. This vulnerability exist because the software improperly validates user-supplie...

8.1CVSS7.5AI score0.01901EPSS

Exploits1References2

NVD•added 2019/05/16 1:29 a.m.•25 views

CVE-2019-1825

8.1CVSS8.3AI score0.01901EPSS

Exploits1References2

Prion•added 2019/05/16 1:29 a.m.•23 views

Sql injection

5.5CVSS8.2AI score0.01901EPSS

Exploits1References2Affected Software2

Prion•added 2019/05/16 1:29 a.m.•26 views

Sql injection

5.5CVSS8.2AI score0.01901EPSS

Exploits1References2Affected Software3

Vulnrichment•added 2019/05/16 1:10 a.m.•15 views

CVE-2019-1824 Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerabilities

8.1CVSS7.8AI score0.01901EPSS

Exploits1References2

Vulnrichment•added 2019/05/16 1:10 a.m.•15 views

CVE-2019-1825 Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerabilities

8.1CVSS7.8AI score0.01901EPSS

Exploits1References2

Cisco•added 2019/05/15 4:0 p.m.•53 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. These vulnerabilities exist because the software improperly validates...

8.1CVSS1.2AI score

Exploits0References1

OSV•added 2019/04/03 6:29 p.m.•5 views

CVE-2018-20505

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service application crash by leveraging the ability to run arbitrary SQL statements such as in certain WebSQL use cases...

7.5CVSS7.4AI score

Exploits0References22

VulnCheck KEV•added 2019/04/02 12:0 a.m.•2 views

VulnCheck KEV: CVE-2019-7139

An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data leakage. This issue is fixed in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2...

9.8CVSS7.5AI score0.17437EPSS

Exploits2References1

NVD•added 2019/02/05 6:29 a.m.•11 views

CVE-2017-18362

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all...

9.8CVSS9.9AI score0.86706EPSS

Exploits1References4

Vulnrichment•added 2019/02/05 5:0 a.m.•6 views

CVE-2017-18362

9.9AI score0.86706EPSS

Exploits1References3

Prion•added 2018/11/28 6:29 p.m.•16 views

Sql injection

A vulnerability in the web framework code of Cisco Prime License Manager PLM could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerabilit...

7.5CVSS9.8AI score0.03652EPSS

Exploits0References2Affected Software1

Cvelist•added 2018/11/27 9:0 p.m.•16 views

CVE-2018-13350

SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter...

10AI score0.16661EPSS

Exploits2References1

NVD•added 2018/11/08 7:29 p.m.•12 views

CVE-2018-15447

A vulnerability in the web framework code of Cisco Integrated Management Controller IMC Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could...

9.8CVSS7.7AI score0.01731EPSS

Exploits0References2

Cvelist•added 2018/11/08 7:0 p.m.•15 views

CVE-2018-15447 Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability

6.5CVSS9.8AI score0.01731EPSS

Exploits0References2

NVD•added 2018/10/05 4:29 p.m.•12 views

CVE-2018-0404

A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information...

7.5CVSS7.9AI score0.01472EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by