Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0049 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2023-01-12 | N/A | 7.8 HIGH |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | |||||
| CVE-2014-125062 | 1 Bitstorm Project | 1 Bitstorm | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in ananich bitstorm. Affected by this vulnerability is an unknown functionality of the file announce.php. The manipulation of the argument event leads to sql injection. The name of the patch is ea8da92f94cdb78ee7831e1f7af6258473ab396a. It is recommended to apply a patch to fix this issue. The identifier VDB-217621 was assigned to this vulnerability. | |||||
| CVE-2016-15012 | 1 Salesforce | 1 Mobile Software Development Kit | 2023-01-12 | N/A | 9.8 CRITICAL |
| ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The name of the patch is 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2022-4880 | 1 Openutau | 1 Openutau | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability was found in stakira OpenUtau. It has been classified as critical. This affects the function VoicebankInstaller of the file OpenUtau.Core/Classic/VoicebankInstaller.cs of the component ZIP Archive Handler. The manipulation leads to path traversal. Upgrading to version 0.0.991 is able to address this issue. The name of the patch is 849a0a6912aac8b1c28cc32aa1132a3140caff4a. It is recommended to upgrade the affected component. The identifier VDB-217617 was assigned to this vulnerability. | |||||
| CVE-2020-36645 | 1 Square | 1 Squalor | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in square squalor. This affects an unknown part. The manipulation leads to sql injection. Upgrading to version v0.0.0 is able to address this issue. The name of the patch is f6f0a47cc344711042eb0970cb423e6950ba3f93. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217623. | |||||
| CVE-2015-10026 | 1 Flairbot Project | 1 Flairbot | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability was found in tiredtyrant flairbot. It has been declared as critical. This vulnerability affects unknown code of the file flair.py. The manipulation leads to sql injection. The name of the patch is 5e112b68c6faad1d4699d02c1ebbb7daf48ef8fb. It is recommended to apply a patch to fix this issue. VDB-217618 is the identifier assigned to this vulnerability. | |||||
| CVE-2013-10009 | 1 Pychao Project | 1 Pychao | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability was found in DrAzraelTod pyChao and classified as critical. Affected by this issue is the function klauen/lesen of the file mod_fun/__init__.py. The manipulation leads to sql injection. The name of the patch is 9d8adbc07c384ba51c2583ce0819c9abb77dc648. It is recommended to apply a patch to fix this issue. VDB-217634 is the identifier assigned to this vulnerability. | |||||
| CVE-2015-10025 | 1 Miniconf Project | 1 Miniconf | 2023-01-12 | N/A | 7.5 HIGH |
| A vulnerability has been found in luelista miniConf up to 1.7.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file miniConf/MessageView.cs of the component URL Scanning. The manipulation leads to denial of service. Upgrading to version 1.7.7 and 1.8.0 is able to address this issue. The name of the patch is c06c2e5116c306e4e1bc79779f0eda2d1182f655. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217615. | |||||
| CVE-2014-125065 | 1 Bottle-auth Project | 1 Bottle-auth | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in john5223 bottle-auth. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is 99cfbcc0c1429096e3479744223ffb4fda276875. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217632. | |||||
| CVE-2014-125061 | 1 Filebroker Project | 1 Filebroker | 2023-01-12 | N/A | 9.8 CRITICAL |
| ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in peel filebroker and classified as critical. Affected by this issue is the function select_transfer_status_desc of the file lib/common.rb. The manipulation leads to sql injection. The name of the patch is 91097e26a6c84d3208a351afaa52e0f62e5853ef. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217616. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2015-10024 | 1 Larasync Project | 1 Larasync | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in hoffie larasync. This vulnerability affects unknown code of the file repository/content/file_storage.go. The manipulation leads to path traversal. The name of the patch is 776bad422f4bd4930d09491711246bbeb1be9ba5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217612. | |||||
| CVE-2014-125060 | 1 Collabcal Project | 1 Collabcal | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in holdennb CollabCal. Affected is the function handleGet of the file calenderServer.cpp. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The name of the patch is b80f6d1893607c99e5113967592417d0fe310ce6. It is recommended to apply a patch to fix this issue. VDB-217614 is the identifier assigned to this vulnerability. | |||||
| CVE-2015-10023 | 1 Trello-octometric Project | 1 Trello-octometric | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in Fumon trello-octometric. This affects the function main of the file metrics-ui/server/srv.go. The manipulation of the argument num leads to sql injection. The name of the patch is a1f1754933fbf21e2221fbc671c81a47de6a04ef. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217611. | |||||
| CVE-2015-10022 | 1 Nlgis2 Project | 1 Nlgis2 | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability was found in IISH nlgis2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file scripts/etl/custom_import.pl. The manipulation leads to sql injection. The name of the patch is 8bdb6fcf7209584eaf1232437f0f53e735b2b34c. It is recommended to apply a patch to fix this issue. The identifier VDB-217609 was assigned to this vulnerability. | |||||
| CVE-2022-43294 | 1 Tasmota Project | 1 Tasmota | 2023-01-12 | N/A | 9.8 CRITICAL |
| Tasmota before commit 066878da4d4762a9b6cb169fdf353e804d735cfd was discovered to contain a stack overflow via the ClientPortPtr parameter at lib/libesp32/rtsp/CRtspSession.cpp. | |||||
| CVE-2022-46764 | 2 Microsoft, Trueconf | 2 Windows, Server | 2023-01-12 | N/A | 9.8 CRITICAL |
| A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code execution. | |||||
| CVE-2018-25071 | 1 Lmeve Project | 1 Lmeve | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability was found in roxlukas LMeve up to 0.1.58. It has been rated as critical. Affected by this issue is the function insert_log of the file wwwroot/ccpwgl/proxy.php. The manipulation of the argument fetch leads to sql injection. Upgrading to version 0.1.59-beta is able to address this issue. The name of the patch is c25ff7fe83a2cda1fcb365b182365adc3ffae332. It is recommended to upgrade the affected component. VDB-217610 is the identifier assigned to this vulnerability. | |||||
| CVE-2014-125067 | 1 Curiosity Project | 1 Curiosity | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in corincerami curiosity. Affected by this vulnerability is an unknown functionality of the file app/controllers/image_controller.rb. The manipulation of the argument sol leads to sql injection. The name of the patch is d64fddd74ca72714e73f4efe24259ca05c8190eb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217639. | |||||
| CVE-2007-10002 | 1 Web-cyradm Project | 1 Web-cyradm | 2023-01-12 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/login_password/LANG leads to sql injection. The attack may be launched remotely. The name of the patch is 2bcbead3bdb5f118bf2c38c541eaa73c29dcc90f. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217640. | |||||
| CVE-2014-125066 | 1 Yuko-bot Project | 1 Yuko-bot | 2023-01-12 | N/A | 7.5 HIGH |
| A vulnerability was found in emmflo yuko-bot. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument title leads to denial of service. The attack can be initiated remotely. The name of the patch is e580584b877934a4298d4dd0c497c79e579380d0. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217636. | |||||