sqlalchemy sqlalchemy vulnerabilities and exploits
CVE-2024-34715 (score: NA)
Fides is an open-source privacy engineering platform. The Fides webserver requires a connection to a hosted PostgreSQL database for persistent storage of application data. If the password used by the webserver for this database connection includes special characters such as `@` a...
CVE-2022-40023 (CVSSv3 score: 7.5)
Sqlalchemy mako prior to 1.2.2 is vulnerable to regular expression denial of service (ReDoS) when the Lexer class is used for parsing. This also affects babelplugin and linguaplugin.
Sqlalchemy Mako
Debian Debian Linux 10.0
1 Github repository
CVE-2019-7164 (CVSSv3 score: 9.8)
SQLAlchemy up to and including 1.2.17 and 1.3.x up to and including 1.3.0b2 allows SQL Injection via the order_by parameter.
Sqlalchemy Sqlalchemy
Sqlalchemy Sqlalchemy 1.3.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
1 Github repository
CVE-2019-7548 (CVSSv3 score: 7.8)
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
Sqlalchemy Sqlalchemy 1.2.17
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
1 Github repository
CVE-2012-0805 (score: NA)
Multiple SQL injection vulnerabilities in SQLAlchemy prior to 0.7.0b4, as used in Keystone, allow remote malicious users to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select....
Sqlalchemy Sqlalchemy 0.6.1
Sqlalchemy Sqlalchemy 0.7.0
Sqlalchemy Sqlalchemy 0.6.3
Sqlalchemy Sqlalchemy 0.6.0
Sqlalchemy Sqlalchemy 0.6.4
Sqlalchemy Sqlalchemy 0.6.5
Sqlalchemy Sqlalchemy 0.6.2
Sqlalchemy Sqlalchemy 0.6.7
Sqlalchemy Sqlalchemy
Sqlalchemy Sqlalchemy 0.6.6