8 matches found
EUVD-2026-2196
Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network...
Photon OS 5.0: Cifs PHSA-2025-5.0-0691
An update of the cifs package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0691. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...
MINI-WH52-3Q3Q-V5X9
Bulletin has no description...
7-card Fakabao SQL Injection Vulnerability
7-card Fakabao is a content publishing platform. A SQL injection vulnerability, classified as critical, exists in 7-card Fakabao 1.0build20230805 and prior versions. It stems from an issue with an unknown function in shop/alipaynotify.php...
PYSEC-2022-160
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, the Twisted SSH client and server implementations are able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach...
CVE-2019-3792
Pivotal Concourse version 5.0.0 contains an API that is vulnerable to SQL injection. A Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data...
SQL injection
Pivotal Concourse version 5.0.0 contains an API that is vulnerable to SQL injection. A Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data...
Pivotal Software Concourse SQL Injection Vulnerability
Pivotal Software Concourse is a software delivery control system for continuous development from Pivotal Software. A SQL injection vulnerability exists in the API in Pivotal Software Concourse versions prior to 5.0.1. A remote attacker can exploit this vulnerability to read privileged data via a...