Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4519 matches found

Vulnrichment
Vulnrichmentadded 2022/12/13 12:0 a.m.2 views

CVE-2022-43724

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xpcmdshell feature unauthenticated remote attackers could execute custom OS commands. At...

8.3AI score0.00678EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/12/13 12:0 a.m.8 views

CVE-2022-43724

A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xpcmdshell feature unauthenticated remote attackers could execute custom OS commands. At...

9.9AI score0.00678EPSS
Exploits0References1
BDU FSTEC
BDU FSTECadded 2022/12/07 12:0 a.m.0 views

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS0.13911EPSS
Exploits0References2
BDU FSTEC
BDU FSTECadded 2022/11/17 12:0 a.m.0 views

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on the Windows operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS0.17266EPSS
Exploits0References3
CNNVD
CNNVDadded 2022/11/15 12:0 a.m.1 views

Simmeth System Supplier Manager SQL注入漏洞

Simmeth System Supplier Manager is a supply chain software from Simmeth System GmbH, Germany.A SQL injection vulnerability exists in versions prior to Simmeth System GmbH Supplier Manager 5.6. The vulnerability stems from the application's lack of validation of externally entered SQL statements,...

9.8CVSS8.3AI score0.00857EPSS
Exploits3References4
Snyk
Snykadded 2022/11/08 11:0 p.m.1 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure. When a timeout occurs under a high load, it can cause incorrect data to be returned as the result of an asynchronously executed query. Notes: 1 This vulnerability only affects applications that communicate with...

5.8CVSS7.2AI score0.00189EPSS
Exploits0References2
Microsoft KB
Microsoft KBadded 2022/11/08 8:0 a.m.68 views

Description of the security update for SharePoint Server 2019: November 8, 2022 (KB5002294)

Description of the security update for SharePoint Server 2019: November 8, 2022 KB5002294 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, Microsoft Word information disclosure vulnerability, and Microsoft Word remote code execution...

8.8CVSS7.5AI score0.16906EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2022/10/25 9:10 a.m.6 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS7.3AI score0.00393EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2022/10/24 12:0 a.m.21 views

Microsoft SQL Server DB Compliance Checks

Binary data mssqldbcompliancecheck.nbin...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTECadded 2022/10/24 12:0 a.m.0 views

Vulnerability of the Server component: Security: Privileges of the MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the MySQL Server component lies in insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...

6.8CVSS0.00081EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/10/18 9:15 p.m.4 views

CVE-2022-21625

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.4CVSS6.5AI score0.00081EPSS
Exploits0References7Affected Software1
NVD
NVDadded 2022/10/17 10:15 p.m.9 views

CVE-2022-3158

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully...

8.8CVSS0.00168EPSS
Exploits0References1
Prion
Prionadded 2022/10/17 10:15 p.m.13 views

Input validation

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully...

6.5CVSS8.9AI score0.00168EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2022/10/17 9:15 p.m.14 views

CVE-2022-38743

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. ...

8.8CVSS0.00101EPSS
Exploits0References1
Prion
Prionadded 2022/10/17 9:15 p.m.15 views

Improper access control

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. ...

6.5CVSS9.1AI score0.00101EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2022/10/17 12:0 a.m.10 views

CVE-2022-38743

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an improper access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database. ...

9.2AI score0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/10/17 12:0 a.m.7 views

CVE-2022-3158

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully...

9AI score0.00168EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/10/17 12:0 a.m.10 views

CVE-2022-3158

Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully...

9.2AI score0.00168EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2022/10/17 12:0 a.m.2 views

PT-2022-20853 · Rockwell Automation · Factorytalk Vantagepoint

Name of the Vulnerable Software and Affected Versions: Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 Description: The issue is related to an input validation vulnerability in the FactoryTalk VantagePoint SQL Server. This vulnerability occurs because the server...

8.8CVSS8.9AI score0.00168EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2022/10/17 12:0 a.m.2 views

PT-2022-24548 · Rockwell Automation · Factorytalk Vantagepoint

Name of the Vulnerable Software and Affected Versions: Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 Description: The issue is related to an improper access control vulnerability. A malicious user with read-only privileges could potentially execute SQL statemen...

8.8CVSS8.9AI score0.00101EPSS
Exploits0References4
Rows per page
Query Builder