Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

GHSA-p7r8-7w87-8g46: Dolibarr arbitrary file upload vulnerability

An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL file.

ghsa
#sql#vulnerability#git
jSQL Injection 0.99

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Debian Security Advisory 5713-1

Debian Linux Security Advisory 5713-1 - A buffer overflow was discovered in libndp, a library implementing the IPv6 Neighbor Discovery Protocol (NDP), which could result in denial of service or potentially the execution of arbitrary code if malformed IPv6 router advertisements are processed.

Payroll Management System 1.0 Remote Code Execution

Payroll Management System version 1.0 suffers from a remote code execution vulnerability.

Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks

A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written in Golang and is designed to infect Linux systems. "It is a modified version of the public project

Ubuntu Security Notice USN-6832-1

Ubuntu Security Notice 6832-1 - Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affects Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS.

AEGON LIFE 1.0 SQL Injection

AEGON LIFE version 1.0 suffers from a remote SQL injection vulnerability.

PoC Exploit Emerges for Critical RCE Bug in Ivanti Endpoint Manager

A new month, a new high-risk Ivanti bug for attackers to exploit — this time, an SQL injection issue in its centralized endpoint manager.

Lost And Found Information System 1.0 Cross Site Scripting

Lost and Found Information System version 1.0 suffers from a reflective cross site scripting vulnerability.

Lost And Found Information System 1.0 SQL Injection

Lost and Found Information System version 1.0 suffers from an unauthenticated blind boolean-based remote SQL injection vulnerability.