Lucene search
K

4 matches found

OSV
OSV
added 2026/06/24 11:7 a.m.7 views

BIT-NIFI-2026-44913 Apache NiFi: Improper Escaping of Table Names in CaptureChangeMySQL

Improper escaping of database table names in the CaptureChangeMySQL Processor included with Apache NiFi 1.2.0 through 2.9.0 allows for injecting SQL commands using crafted naming. Manual quoted boundaries added in Apache NiFi 1.8.0 narrowed the scope of potential injection options, but did not...

7.2CVSS5.9AI score0.00385EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/06 6:6 p.m.5 views

SQL Injection

Overview devcode-it/openstamanager is a management software for technical assistance and electronic invoicing Affected versions of this package are vulnerable to SQL Injection via the idanagrafica parameter in the init.php file. An attacker can extract sensitive database information, including...

8.8CVSS6.1AI score0.00354EPSS
Exploits3References2
OSV
OSV
added 2025/08/08 11:16 a.m.4 views

OESA-2025-1969 xmlunit security update

Security Fixes: A vulnerability was found in xmlunit-core. It has been declared as problematic.As an impact it is known to affect confidentiality, integrity, and availability.Upgrading to version 2.10.0 eliminates this vulnerability.CVE-2024-31573...

4CVSS6.7AI score0.00216EPSS
Exploits0References2
OSV
OSV
added 2024/10/09 12:15 p.m.3 views

DEBIAN-CVE-2024-28168

Improper Restriction of XML External Entity Reference 'XXE' vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue...

7.5CVSS6.2AI score0.01003EPSS
Exploits0References1
Rows per page
Query Builder