16 matches found
EUVD-2019-9288
Malware in sbrugna...
EUVD-2025-24004
Malicious code in bioql PyPI...
EUVD-2025-24002
Malicious code in bioql PyPI...
CVE-2025-50467
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query...
CVE-2025-50465
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the listCount function in the TestDefinitionDAO interface when the testPlatform parameter is used to construct a SQL query. An attacker can extract sensitive information from the database by injecting crafted input int...
CVE-2025-50467
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query...
CVE-2025-50466
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query...
PT-2025-32371 · Unknown · Openmetadata
Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.4.4 Description: OpenMetadata is susceptible to a SQL injection issue. An attacker can extract information from the database via the listCount function within the TestDefinitionDAO interface. The...
PT-2025-32377 · Unknown · Openmetadata
Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.4.4 Description: OpenMetadata is susceptible to a SQL injection issue. An attacker can extract information from the database through the listCount function within the TestDefinitionDAO interface. The entityTyp...
CVE-2025-50467
OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query...
PT-2025-32376 · Unknown · Openmetadata
Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.4.5 Description: OpenMetadata is susceptible to a SQL injection issue. An attacker can extract information from the database through the listCount function within the TestDefinitionDAO interface. The...
CVE-2019-19678
In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue...
CVE-2019-19678
In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue...
CVE-2019-19678
In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue...
CVE-2019-19678
In Xray Test Management for Jira, versions prior to 3.5.5 are affected by an XSS vulnerability: remote authenticated attackers can trigger script execution via the Generic Test Definition field in a new Generic Test issue. The issue stems from the generic field entry point, enabling cross-site sc...