Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sqlalchemy vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-0805
Multiple SQL injection vulnerabilities in SQLAlchemy prior to 0.7.0b4, as used in Keystone, allow remote malicious users to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select....
Sqlalchemy Sqlalchemy 0.7.0
Sqlalchemy Sqlalchemy 0.6.0
Sqlalchemy Sqlalchemy 0.6.4
Sqlalchemy Sqlalchemy 0.6.3
Sqlalchemy Sqlalchemy
Sqlalchemy Sqlalchemy 0.6.7
Sqlalchemy Sqlalchemy 0.6.6
Sqlalchemy Sqlalchemy 0.6.5
Sqlalchemy Sqlalchemy 0.6.2
Sqlalchemy Sqlalchemy 0.6.1
NA
CVE-2022-40023
Sqlalchemy mako prior to 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
Sqlalchemy Mako
Debian Debian Linux 10.0
1 Github repository
7.5
CVSSv2
CVE-2019-7164
SQLAlchemy up to and including 1.2.17 and 1.3.x up to and including 1.3.0b2 allows SQL Injection via the order_by parameter.
Sqlalchemy Sqlalchemy 1.3.0
Sqlalchemy Sqlalchemy
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
1 Github repository
6.8
CVSSv2
CVE-2019-7548
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
Sqlalchemy Sqlalchemy 1.2.17
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started