Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.
Summary: Multiple vulnerabilities in IBM® Db2® 12.1.3 and earlier affect IBM® Db2® Big SQL on IBM Cloud Pak for Data 5.3 and earlier. Vulnerability Details: CVEID: CVE-2024-47072. DESCRIPTION: XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remot...
EUVD-2021-19430
Malware in sbrugna...
EUVD-2021-10927
Malware in sbrugna...
EUVD-2024-53677
Malicious code in bioql PyPI...
EUVD-2024-53678
Malicious code in bioql PyPI...
EUVD-2023-53583
Malicious code in bioql PyPI...
EUVD-2025-23412
Malicious code in bioql PyPI...
EUVD-2023-35920
Malicious code in bioql PyPI...
PT-2025-30254 · Helmholz +1 · Rex100 +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: A high privileged remote attacker can alter the configuration database via POST requests due to improper neutralization of special elements used in a SQL...
CVE-2014-8673
Multiple SQL vulnerabilities exist in planning.php, userlist.php, projets.php, usergroupes.php, and groupelist.php in Simple Online Planning SOPPlanning before 1.33...
Vulnerabilities fixed in Zoho ManageEngine
Zoho has fixed vulnerabilities in ManageEngine ADSelfService Plus versions 6513 and earlier and ManageEngine ADAudit Plus versions 8510 and earlier. The vulnerabilities are in the way the applications process SQL queries. In the case of ADSelfService Plus, authenticated users can execute arbitrar...
GHSA-7WRW-R4P8-38RX vulnerabilities
Vulnerabilities for packages: kaf, secrets-store-csi-driver-provider-azure, prometheus-blackbox-exporter, q, whereabouts, nri-cassandra, kube-rbac-proxy, nri-jmx, nri-f5, tempo, hey, crossplane-provider-aws, cass-operator, temporal-server, kubernetes-csi-livenessprobe, pdfcpu, gitea,...
CVE-2022-1807
Multiple SQLi vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin in Sophos Firewall older than version 18.5 MR4 and version 19.0 MR1...
CVE-2024-57664
An issue in the sqlggroupnode component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
CVE-2024-57659
An issue in the sqlgparalleltsseq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
CVE-2024-57623
An issue in the HEAPmalloc component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
Online Shopping Portal Project 2.0 SQL Injection
Title : Online Shopping Portal Project 2.0 SQL Vulnerabilities | Software : Online Shopping Portal Project | Create By :...
PT-2022-15402 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows versions 9.7, 10.1, 10.5, 11.1, and 11.5 Description: The issue allows an authenticated user to execute specially crafted SQL statements, potentially causing the server to terminate abnormally, resulting in...
Command injection
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before 4.5.9 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests...
CVE-2021-32590
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on the underlying SQL...