308 matches found
CVE-2024-6841 CSRF in vanna-ai/vanna
A Cross-Site Request Forgery CSRF vulnerability exists in the latest commit 56b782bcefd2e59b19cd7ba7878b95f54884f502 of the vanna-ai/vanna repository. Two endpoints in the built-in web app that provide SQL functionality are implemented as simple GET requests, making them susceptible to CSRF...
ROS-20250311-05
PQescapeLiteral, PQescapeIdentifier, PQescapeString and PQescapeStringConn functions are vulnerable to vulnerability libpq library of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an...
CVE-2024-57653
An issue in the qstvecsetcopy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57664
An issue in the sqlggroupnode component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57653
An issue in the qstvecsetcopy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57660
An issue in the sqloexpandjts component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57657
An issue in the sqlgvecupd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57637
An issue in the dfeunitgbdependant component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57641
An issue in the sqlexp component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57643
An issue in the boxdeserializestring component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57638
An issue in the dfebodycopy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57619
An issue in the atomgetint component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57651
CVE-2024-57651 affects the openlink Virtuoso Open-Source package (virtuoso-opensource) with vulnerable component jp_add in version 7.2.11 . The issue allows an attacker to cause a Denial of Service (DoS) by sending crafted SQL statements. Public advisories reference the same CVE across multiple s...
CVE-2024-57655
An issue in the dfeninorder component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57651
An issue in the jpadd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57657
An issue in the sqlgvecupd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57640
An issue in the dcaddint component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57659
An issue in the sqlgparalleltsseq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57630
An issue in the expscard component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service DoS via crafted SQL statements...
CVE-2024-57627
The CVE-2024-57627 vulnerability affects MonetDB Server v11.49.1, specifically the gc_col component. The connected sources report that an issue in gc_col can be exploited to cause a Denial of Service via crafted SQL statements. No concrete details on the root cause, impacted subcomponents, or exa...