Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database vulnerabilities and exploits
(subscribe to this query)
892
VMScore
CVE-2021-42392
The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited thr...
H2database H2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Communications Cloud Native Core Policy 1.15.0
8 Github repositories
891
VMScore
CVE-2016-4401
Aruba ClearPass Policy Manager prior to 6.5.7 and 6.6.x prior to 6.6.2 allows malicious users to obtain database credentials.
Arubanetworks Clearpass
2 Github repositories
891
VMScore
CVE-2019-5021
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of t...
Gliderlabs Docker-alpine
Opensuse Leap 15.0
Opensuse Leap 15.1
F5 Big-ip Controller 1.2.1
3 Github repositories
891
VMScore
CVE-2008-3908
Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent malicious users to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR, (3) WNHOME, or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (a...
Princeton University Wordnet 3.0
890
VMScore
CVE-2022-30493
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote malicious users to dump all database credential and gain admin access(privilege escalation).
Automotive Shop Management System Project Automotive Shop Management System 1.0
890
VMScore
CVE-2022-1367
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
890
VMScore
CVE-2022-1369
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
890
VMScore
CVE-2022-1370
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
890
VMScore
CVE-2022-1371
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
890
VMScore
CVE-2022-1372
Delta Electronics DIAEnergie (All versions before 1.8.02.004) has a blind SQL injection vulnerability exists in dlSlog.aspx. This allows an malicious user to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands.
Deltaww Diaenergie
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »