ReportizFlow
Filtered by vendor
Subscriptions
Total
13188 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-57653 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the qst_vec_set_copy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57654 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the qst_vec_get_int64 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57655 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the dfe_n_in_order component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57656 | 2 Openlinksw, Redhat | 2 Virtuoso, Rhel Els | 2025-04-17 | 7.5 High |
| An issue in the sqlc_add_distinct_node component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57657 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlg_vec_upd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57658 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sql_tree_hash_1 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57659 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlg_parallel_ts_seq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2021-28655 | 1 Apache | 1 Zeppelin | 2025-04-17 | 6.5 Medium |
| The improper Input Validation vulnerability in "”Move folder to Trash” feature of Apache Zeppelin allows an attacker to delete the arbitrary files. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions. | ||||
| CVE-2020-6998 | 1 Rockwellautomation | 18 Armor Compact Guardlogix 5370, Armor Compact Guardlogix 5370 Firmware, Compact Guardlogix 5370 and 15 more | 2025-04-17 | 5.8 Medium |
| The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to a controller, which may cause denial-of-service conditions in communications with other products. | ||||
| CVE-2024-57660 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlo_expand_jts component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57661 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlo_df component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57662 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlg_hash_source component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57663 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlg_place_dpipes component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2024-57664 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | 7.5 High |
| An issue in the sqlg_group_node component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2022-46401 | 1 Microchip | 24 Bm64, Bm64 Firmware, Bm70 and 21 more | 2025-04-17 | 5.4 Medium |
| The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete. | ||||
| CVE-2022-46328 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-17 | 7.5 High |
| Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2022-44756 | 1 Hcltechsw | 1 Bigfix Insights For Vulnerability Remediation | 2025-04-16 | 6.4 Medium |
| Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. This may lead to information disclosure. This requires privileged access. | ||||
| CVE-2022-25940 | 1 Lite-server Project | 1 Lite-server | 2025-04-16 | 7.5 High |
| All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse. | ||||
| CVE-2024-33871 | 2 Artifex, Redhat | 7 Ghostscript, Enterprise Linux, Rhel Aus and 4 more | 2025-04-16 | 8.8 High |
| An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded. | ||||
| CVE-2021-44462 | 1 Hornerautomation | 1 Cscape Envisionrv | 2025-04-16 | 7.8 High |
| This vulnerability can be exploited by parsing maliciously crafted project files with Horner Automation Cscape EnvisionRV v4.50.3.1 and prior. The issues result from the lack of proper validation of user-supplied data, which can result in reads and writes past the end of allocated data structures. User interaction is required to exploit this vulnerability as an attacker must trick a valid user to open a malicious HMI project file. | ||||