Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view,
IBM InfoSphere Information Server 11.7 vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete inform
CVE-2024-40689
CRITICAL CVSS 9.8
Find Similar
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete inf
CVE-2024-52360
CRITICAL CVSS 9.8
Find Similar
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify
CVE-2025-36220
CRITICAL CVSS 9.8
Find Similar
IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, w
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete inf
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 an
CVE-2023-50316
CRITICAL CVSS 9.8
Find Similar
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the att
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to vie
IBM Aspera Orchestrator 4.0.0 through 4.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delet
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. A
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to HTTP header injection, caused by improper validation of input by the HOST heade
IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 are vulnerable to SQL injection. An administrative user co
CVE-2025-0165
CRITICAL CVSS 9.8
Find Similar
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data 4.8.4, 4.8.5, and 5.0.0 through 5.2.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which
A SQL injection vulnerability has been identified in the SMPP server component of the SMSEagle firmware, specifically affecting the handling of certain parameters within the server's database interact
An SQL injection vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixe
CVE-2025-52694
CRITICAL CVSS 9.8
Find Similar
Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious a
CVE-2024-52335
CRITICAL CVSS 9.3
Find Similar
A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF05). The affected application do not properly sanitize input data before sending it to the SQL server. This could allow
Page 1+ Next →