2118 matches found

NVD
added 2 days ago, 3 views

CVE-2026-54704

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.28.0, the JDBC auto-instrumentation may fail to sanitize passwords in SQL CONNECT statements when the password is double-quoted. As a result, clear-text...

CVSS 6.5, EPSS 0.00219
Exploits: 0, References: 1
CVE
added 2 days ago, 6 views

CVE-2026-54704

OpenTelemetry Java Instrumentation contains a vulnerability in JDBC auto-instrumentation prior to version 2.28.0 where passwords in SQL CONNECT statements may not be sanitized if the password is double-quoted. This can cause clear-text database passwords to be added to trace spans and exported to...

CVSS 6.5, AI score 5.7, EPSS 0.00219
Exploits: 0, References: 1
Cvelist
added 2 days ago, 34 views

CVE-2026-54704 OpenTelemetry Java Instrumentation: JDBC Auto-Instrumentation Logging Clear-Text Passwords

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.28.0, the JDBC auto-instrumentation may fail to sanitize passwords in SQL CONNECT statements when the password is double-quoted. As a result, clear-text...

CVSS 6.5, EPSS 0.00219
Exploits: 0, References: 1
EUVD
added 3 days ago, 5 views

EUVD-2026-40292

An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize user input and directly interpolates it into SQL queries without using prepared statements, which allows unauthenticated...

CVSS 9.3, AI score 6.2, EPSS 0.00399
Exploits: 0, References: 1
OSV
added 4 days ago, 5 views

PYSEC-2026-489 SQLAlchemyDA unauthenticated arbitrary SQL query execution

Impact: The vulnerability allows unauthenticated execution of arbitrary SQL statements on the database the SQLAlchemyDA instance is connected to. All users are affected. Patches: The problem has been patched in version 2.2. Workarounds: There is no workaround. All users are urged to upgrade to versi...

CVSS 9.8, AI score 6.1, EPSS 0.00881
Exploits: 0, References: 6
RedhatCVE
added 2026/06/24 3:36 p.m., 5 views

CVE-2025-61027

A flaw was found in openlink virtuoso-opensource. An attacker can exploit this vulnerability by sending specially crafted SQL statements to the tsetpush component. This can lead to a Denial of Service (DoS), making the system unavailable to legitimate users...

CVSS 7.5, AI score 5.9, EPSS 0.0035
Exploits: 0, References: 4
RedhatCVE
added 2026/06/24 3:19 p.m., 5 views

CVE-2025-61023

A flaw was found in virtuoso-opensource. An attacker could exploit a vulnerability in the stcompare component by sending specially crafted SQL statements. This could lead to a Denial of Service (DoS), making the service unavailable to legitimate users...

CVSS 7.5, AI score 5.8, EPSS 0.00482
Exploits: 0, References: 4
RedhatCVE
added 2026/06/24 7:25 a.m., 6 views

CVE-2025-61028

A flaw was found in the virtuoso-opensource component. An attacker could exploit this vulnerability by sending specially crafted SQL statements, leading to a Denial of Service (DoS) condition. This could make the affected system unavailable to legitimate users...

CVSS 7.5, AI score 5.9, EPSS 0.00482
Exploits: 0, References: 4
RedhatCVE
added 2026/06/24 1:55 a.m., 11 views

CVE-2025-61022

A flaw was found in openlink virtuoso-opensource. This issue, specifically within the sqlotbcolpreds component, allows attackers to cause a Denial of Service (DoS) by sending specially crafted SQL statements. This can lead to the unavailability of the service...

CVSS 7.5, AI score 5.8, EPSS 0.0035
Exploits: 0, References: 4
Tenable Nessus
added 2026/06/24 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-61025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the sslrqstget component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5, AI score 5.9, EPSS 0.0035
Exploits: 0, References: 3
EUVD
added 2026/06/23 6:31 p.m., 8 views

EUVD-2025-210323

An issue in the sqlotryinloop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5, AI score 5.9, EPSS 0.0035
Exploits: 0, References: 2
EUVD
added 2026/06/23 6:31 p.m., 6 views

EUVD-2025-210324

An issue in the sqlountry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5, AI score 5.9, EPSS 0.0035
Exploits: 0, References: 2
EUVD
added 2026/06/23 6:31 p.m., 7 views

EUVD-2025-210321

An issue in the timettodt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

AI score 5.9, EPSS 0.00482
Exploits: 0, References: 2
EUVD
added 2026/06/23 6:31 p.m., 5 views

EUVD-2025-210320

An issue in the tsetpush component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

AI score 5.9, EPSS 0.0035
Exploits: 0, References: 2
EUVD
added 2026/06/23 6:31 p.m., 6 views

EUVD-2025-210317

An issue in the sqlotbcolpreds component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5, AI score 5.9, EPSS 0.0035
Exploits: 0, References: 2
EUVD
added 2026/06/23 6:31 p.m., 6 views

EUVD-2025-210313

An issue in the sqloplacedtset component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5, AI score 5.9, EPSS 0.00482
Exploits: 0, References: 2
EUVD
added 2026/06/23 6:31 p.m., 6 views

EUVD-2025-210315

An issue in the sqlostripinjoin component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5, AI score 5.9, EPSS 0.00482
Exploits: 0, References: 2
NVD
added 2026/06/23 5:16 p.m., 7 views

CVE-2025-61021

An issue in the sqlonaturaljoincond component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5, EPSS 0.0035
Exploits: 0, References: 1
NVD
added 2026/06/23 5:16 p.m., 6 views

CVE-2025-61022

An issue in the sqlotbcolpreds component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

CVSS 7.5, EPSS 0.0035
Exploits: 0, References: 1
Vulnrichment
added 2026/06/23 12:0 a.m., 4 views

CVE-2025-61020

An issue in the sqlostripinjoin component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

AI score 5.9, EPSS 0.00482
Exploits: 0, References: 1