CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-0016

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00378EPSS

Exploits0References6

RedhatCVE•added 2025/02/14 11:38 a.m.•7 views

CVE-2024-36265

UNSUPPORTED WHEN ASSIGNED Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or...

9.8CVSS6.7AI score0.00378EPSS

Exploits0References4

Veracode•added 2024/06/13 6:27 a.m.•7 views

SQL Injection

org.apache.submarine: submarine-server-core is vulnerable to SQL Injection. The vulnerability is due to improper neutralization of special elements used in an SQL command, allowing attackers to manipulate queries and potentially gain unauthorized access to the server's database...

8.1CVSS7.5AI score0.00829EPSS

Exploits1References5Affected Software1

Github Security Blog•added 2024/06/12 3:31 p.m.•24 views

Apache Submarine Server Core has a SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are...

8.1CVSS8.3AI score0.00829EPSS

Exploits1References6Affected Software1

vulnersOsv•added 2024/06/12 3:31 p.m.•5 views

org.apache.submarine:submarine-submitter-k8s (>=0.8.0 <=0.8.0-RC0), org.apache.submarine:submarine-test-k8s (>=0.6.0 <=0.8.0-RC0) potentially affected by CVE-2024-36265 via org.apache.submarine:submarine-server-core (>=0.6.0 <=0.8.0)

org.apache.submarine:submarine-server-core MAVEN version =0.6.0, =0.8.0, =0.6.0, =0.8.0-RC0 Source cves: CVE-2024-36265 Source advisory: OSV:GHSA-6Q97-8V3G-RPXW...

9.8CVSS7.2AI score0.00378EPSS

Exploits0

OSV•added 2024/06/12 3:15 p.m.•4 views

PYSEC-2024-98

9.8CVSS9.4AI score0.00378EPSS

Exploits0References2

PyPA•added 2024/06/12 3:15 p.m.•6 views

PYSEC-2024-98

UNSUPPORTED WHEN ASSIGNED Incorrect Authorization vulnerability in Apache Submarine Server Core.This issue affects Apache Submarine Server Core: from 0.8.0.As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...

9.8CVSS6.9AI score0.00378EPSS

Exploits0References3Affected Software1

NVD•added 2024/06/12 2:15 p.m.•17 views

CVE-2024-36263

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to release a version that fixes thi...

8.1CVSS0.00829EPSS

Exploits1References3

CVE•added 2024/06/12 2:12 p.m.•61 views

CVE-2024-36265

Apache Submarine Server Core (versions from 0.8.0) is affected by an Incorrect Authorization vulnerability caused by invalid authorization checks. The issue is present in a retired project and there is no planned fix. In practice, this could allow network-based exploitation without user interacti...

9.8CVSS9.5AI score0.00378EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/06/12 2:12 p.m.•17 views

CVE-2024-36265 Apache Submarine Server Core: authorization bypass

0.00378EPSS

Exploits0References2

Vulnrichment•added 2024/06/12 2:12 p.m.•15 views

CVE-2024-36265 Apache Submarine Server Core: authorization bypass

9.5AI score0.00378EPSS

Exploits0References2

Cvelist•added 2024/06/12 2:5 p.m.•16 views

CVE-2024-36263 Apache Submarine Server Core: SQL injection

0.00829EPSS

Exploits1References3

Vulnrichment•added 2024/06/12 2:5 p.m.•12 views

CVE-2024-36263 Apache Submarine Server Core: SQL injection

8.3AI score0.00829EPSS

Exploits1References3

CVE•added 2024/06/12 2:5 p.m.•56 views

CVE-2024-36263

Apache Submarine Server Core (all versions) is affected by an SQL Injection vulnerability due to improper neutralization of special elements in SQL commands. The project is retired, and there is no planned fix. CVSS‑3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N (base score 8.1). Attack value is...

8.1CVSS8.3AI score0.00829EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2024/06/12 12:0 a.m.•4 views

PT-2024-26939 · Apache · Apache Submarine Server Core

Name of the Vulnerable Software and Affected Versions: Apache Submarine Server Core affected versions not specified Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This affects products that are no long...

8.1CVSS8.2AI score0.00829EPSS

Exploits1References12

Veracode•added 2023/11/23 9:16 a.m.•14 views

SQL Injection

Submarine Server Database is vulnerable to SQL Injection. The vulnerability exists due to improper SQL sanitization in SysDeptMapper.xml which allows an attacker to execute arbitrary SQL queries during login and gain access to sensitive data...

9.8CVSS8.2AI score0.77066EPSS

Exploits0References4Affected Software1

OSV•added 2023/11/22 12:30 p.m.•17 views

GHSA-V5GJ-FX3G-HCPW SQL injection in Apache Submarine

Apache Software Foundation Apache Submarine has an SQL injection vulnerability when a user logs in. This issue can result in unauthorized login. Now we have fixed this issue and now user must have the correct login to access workbench. This issue affects Apache Submarine: from 0.7.0 before...

9.8CVSS9.6AI score0.77066EPSS

Exploits0References7

Github Security Blog•added 2023/11/22 12:30 p.m.•10 views

SQL injection in Apache Submarine

9.8CVSS8.4AI score0.77066EPSS

Exploits0References7Affected Software1

NVD•added 2023/11/22 10:15 a.m.•9 views

CVE-2023-37924

9.8CVSS0.77066EPSS

Exploits0References3